Thank you for reading the LinuxSecurity.com weekly security newsletter.
The purpose of this document is to provide our readers with a quick
summary of each week's most relevant Linux security headlines.
Essential tools for hardening and securing Unix based Environments - System administrators are aware as how important their systems security is, not just the runtime of their servers. Intruders, spammers, DDOS attack, crackers, are all out there trying to get into people's computers, servers and everywhere they can lay hands on and interrupt the normal runtime of services.
Securing a Linux Web Server - With the significant prevalence of Linux web servers globally, security is often touted as a strength of the platform for such a purpose. However, a Linux based web server is only as secure as its configuration and very often many are quite vulnerable to compromise. While specific configurations vary wildly due to environments or specific use, there are various general steps that can be taken to insure basic security considerations are in place.
Any device with a computer chip can be hacked, but not all hacks are created equal. In fact, in a world where tens of millions of computers are compromised by malware every year and nearly every company's network is owned, truly innovative or thought-provoking hacks are few and far between.
As we reported in April, you build security, and the users muck it up. At a time when productivity growth in many businesses has ground to a halt, our white collar workers are managing to give 200 per cent in one area, at least: yes, in the last 12 months they have doubled their click rates on phishing emails!
Normally, I don't cover vulnerabilities about which the user can do little or nothing to prevent, but two newly detailed flaws affecting hundreds of millions of Android, iOS and Apple products probably deserve special exceptions.
The hackers who breached the US Office of Personnel Management accessed a second set of even more highly sensitive data, it was widely reported Friday, in revelations that make the breach one of the biggest thefts of data on federal workers.
Every day, the security team at network services provider Level 3 Communications monitors approximately 1.3 billion security events; mitigates roughly 22 distributed denial of service (DDoS) attacks; and removes, on average, one control and command (C2) server network.