General Esm W900
Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

LinuxSecurity.com Feature Extras:

Review: The Official Ubuntu Book - If you haven't used Linux before, are new to Ubuntu, or would like a quick update on the latest in open source advancements for the desktop, then The Official Ubuntu Book is a great place to start. Authored by a group of some of the most experienced open source administrators and developers, this 400-page user guide details everything you need to know about how to make the most of your Ubuntu, Kubuntu (Ubuntu with KDE), and Xubuntu (Ubuntu with Xfce) computer.

Review: Zabbix 1.8 Network Monitoring - If you have anything more than a small home network, you need to be monitoring the status of your systems to ensure they are providing the services they were designed to provide. Rihards Olups has created a comprehensive reference and usability guide for the latest version of Zabbix that anyone being tasked with implementing should have by their side.

Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.22 (Version 3.0, Release 22). This release includes many updated packages and bug fixes and some feature enhancements to the EnGarde Secure Linux Installer and the SELinux policy.
Hackers Penetrate Nasdaq Computers (Feb 6)

Hackers have repeatedly penetrated the computer network of the company that runs the Nasdaq Stock Market during the past year, and federal investigators are trying to identify the perpetrators and their purpose, according to people familiar with the matter.
Linux vulnerable to USB worms (Feb 9)

At the ShmooCon hacker conference, security expert Jon Larimer from IBM's X-Force team demonstrated that Linux is far from immune from attacks via USB storage devices: during his presentation, the expert obtained access to a locked Linux system using a specially crafted USB flash drive, ...
They're the good-guy hackers (Feb 7)

The first time Zach Mayo infiltrated a security program, he was barely in his teens. At home with his family's computer, he bristled at the parental control software cutting him off from the Internet after curfew.
Anonymous strikes against FBI security firm (Feb 7)

Anonymous, the hacker group known for targeting companies that refused to process payments for WikiLeaks, has attacked an American security firm that has been assisting the FBI.
Cracking the Scratch Lottery Code (Feb 10)

Srivastava realized that the same logic could be applied to the lottery. The apparent randomness of the scratch ticket was just a facade, a mathematical lie. And this meant that the lottery system might actually be solvable, just like those mining samples.
Norway to probe Sony's PS3 Linux 'downgrade' (Feb 9)

A government agency in Norway has reported Sony to the Consumer Ombudsman after floods of complaints over removal of "Other OS" functionality from PlayStation 3 consoles.
WordPress 3.0.5 addresses security vulnerabilities (Feb 8)

The WordPress.org development team has released version 3.0.5 of its open source blogging and publishing platform, a maintenance and security update that addresses two vulnerabilities; these could have allowed a Contributor- or Author-level user to gain further access to the site.
(Feb 10)

A broad spectrum of IT people, including those close to security functions, appear to have little awareness of key security issues impacting their organizations, a new survey shows.
'Anonymous' Takes Down Security Firm That Threatened to Expose its Members (Feb 8)

On Sunday night, cyber vigilantes 'Anonymous' went full throttle against a security firm that claimed to know the identities of the group, which operates "Operation Payback" and reportedly includes members of the "/b/" bulletin board 4chan.org.
Linux vulnerable to Windows-style autorun exploits (Feb 10)

A security researcher has demonstrated how it might be possible to perform autorun-style attacks against weakly secured Linux PCs.
(Feb 8)

Controversy over proposed new domains like .xxx and .gay has the US government pushing for veto power from different nations to ensure a "less fragmented" Web.
Exiled Iranian programmer: 'My life was in danger' (Feb 8)

A major topic sure to be discussed at RSA Conference 2011 next week is cyber warfare -- specifically, whether or not we're really in the middle of one. Fueling the debate is Stuxnet, a piece of malware widely believed to be the creation of Israel and-or the U.S., designed to attack Iranian nuclear facilities.