Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

LinuxSecurity.com Feature Extras:

Essential tools for hardening and securing Unix based Environments - System administrators are aware as how important their systems security is, not just the runtime of their servers. Intruders, spammers, DDOS attack, crackers, are all out there trying to get into people's computers, servers and everywhere they can lay hands on and interrupt the normal runtime of services.

Securing a Linux Web Server - With the significant prevalence of Linux web servers globally, security is often touted as a strength of the platform for such a purpose. However, a Linux based web server is only as secure as its configuration and very often many are quite vulnerable to compromise. While specific configurations vary wildly due to environments or specific use, there are various general steps that can be taken to insure basic security considerations are in place.

  FBI used Hacking Team services to unmask Tor user (Jul 15)
 

The FBI communicated with Hacking Team over the possible use of surveillance tools to track down a Tor-using target, emails reveal.As discovered by Hacker News, the cache of emails belonging to Hacker Team but now hosted on Wikileaks reveals a number of interesting conversations allegedly between the FBI and surveillance company.
  NSA Releases Systems Integrity Management Tool (SIMP) on GitHub (Jul 15)
 

The NSA has released a batch of tools codenamed SIMP (Systems Integrity Management Tool) on a special GitHub account set up just for this, and following their Technology Transfer Program (TTP).
  Configure Postfix TLS with a Free StartSSL Certificate (Jul 14)
 

One recommended way to help secure your Postfix mail server is enabling TLS (Transport Layer Security) for connections to and from Postfix. You can search for more detailed descriptions of exactly how TLS works, but basically it's a crypotgraphic protocol that allows connections between systems to remain secure.
  Vietnamese National Sentenced to 13 Years in Prison for Operating a Massive International Hacking an (Jul 15)
 

A Vietnamese national was sentenced to 13 years in prison for hacking into U.S. businesses' computers, stealing personally identifiably information (PII), and selling to other cybercriminals his fraudulently-obtained access to PII belonging to approximately 200 million U.S. citizens.
  (Jul 14)
 

Envato, the network of marketplaces where users can sell anything from 3D graphics to stock photography, from WordPress themes to music, is under a two-week long DDOS attack from an unknown assailant.In a post on Inside Envato, the company's official blog, the team put more light on the issue that's been plaguing their service since July 1.
  Once-theoretical crypto attack against HTTPS now verges on practicality (Jul 17)
 

Almost a third of the world's encrypted Web connections can be cracked using an exploit that's growing increasingly practical, computer scientists warned Wednesday. They said the attack technique on a cryptographic cipher known as RC4 can also be used to break into wireless networks protected by the Wi-Fi Protected Access Temporal Key Integrity Protocol.
  'Morpho' group goes after corporate IP (Jul 14)
 

Symantec has identified a group of cybercriminals, whom they've named "Morpho," as targeting corporate intellectual property for financial gains, with Twitter, Facebook, Apple and Microsoft among those hit."Attackers going after intellectual property is not that usual," said Vikram Thakur, senior manager at Symantec.
  Anonymous At War With Denver Police (Again) (Jul 17)
 

Anonymous is at it again, this time in response to the recent disputed police killing of Paul Castaway, a Denver resident and member of the Lakota Indian tribe.
  Census Project Identifies Open Source Tools at Risk (Jul 13)
 

Heartbleed may have brought on a major case of heartburn last April for system admins worldwide, but a positive offshoot of the biggest of the Internet-wide bugs was that it opened a lot of eyes to the lack of support afforded even ubiquitous open source software projects.
  Hacking Team CEO: We're the 'good guys' (Jul 13)
 

The chief executive of Hacking Team has finally spoken out about the cyberattack which allowed sensitive corporate data, exploits and customer history to enter the public domain.
  Mozilla Disables Flash in Firefox (Jul 14)
 

As the zero days in Adobe Flash continue to pile up, Mozilla has taken the unusual step of disabling by default all versions of Flash in Firefox.
  (Jul 20)
 

Spam fell to less than 50 percent of all email in June, the lowest in a decade, Symantec said Thursday in its latest Intelligence Report.