Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

LinuxSecurity.com Feature Extras:

Peter Smith Releases Linux Network Security Online - Thanks so much to Peter Smith for announcing on linuxsecurity.com the release of his Linux Network Security book available free online. "In 2005 I wrote a book on Linux security. 8 years later and the publisher has gone out of business. Now that I'm free from restrictions on reproducing material from the book, I have decided to make the entire book available online."

Securing a Linux Web Server - With the significant prevalence of Linux web servers globally, security is often touted as a strength of the platform for such a purpose. However, a Linux based web server is only as secure as its configuration and very often many are quite vulnerable to compromise. While specific configurations vary wildly due to environments or specific use, there are various general steps that can be taken to insure basic security considerations are in place.


  Wikipedia parent Wikimedia sues NSA and Department of Justice for violating users privacy (Mar 11)
 

The Wikimedia Foundation which operates the popular online encyclopedia Wikipedia has filed an lawsuit against the National Security Agency (NSA) and the US Department of Justice (DOJ) of United States for violating user privacy.

  IoT's dark side: Hundreds of unsecured devices open to attack (Mar 9)
 

A self-described security "amateur" discovered hundreds of Internet-connected devices ranging from cameras to industrial control systems that were connected to the Internet without even basic password protection -- meaning they could be easily turned on and off or otherwise manipulated with a single click of a mouse.

  Cutting-edge hack gives super user status by exploiting DRAM weakness (Mar 10)
 

In one of more impressive hacks in recent memory, researchers have devised an attack that exploits physical weaknesses in certain types of DDR memory chips to elevate the system rights of untrusted users of Intel-compatible PCs running Linux.

  CloudFlare launches nameserver DDoS shield (Mar 11)
 

CloudFlare has launched a DNS proxy service it says will help organisations improve DNS resilience by pushing distributed denial of service attacks to the outer edge of its network.

  UK Gov SciTech advice bureau suggests keeping Tor alive to reduce street crime (Mar 10)
 

The UK Parliamentary Office of Science and Technology (POST) has issued a POSTnote titled "The darknet and online anonymity" in which it assesses the threats posed by anonymity technologies like Tor and concludes there's not much governments or law enforcement agencies can do about them.

  Julian Assange Might Finally Face Questioning Over Sexual Allegations (Mar 13)
 

In a surprise move, Swedish prosecutors ann​ounced on Friday that they are willing to fly to the UK and interrogate WikiLeaks founder Julian Assange in the Ecuadorian embassy, an offer that might be the beginning of the end for a legal stalemate that's lasted almost five years.

  Snowden docs show CIA's attempts to defeat Apple device security (Mar 11)
 

Researchers sponsored by the U.S. government have reportedly tried to defeat the encryption and security of Apple devices for years.

  Cryptocurrency software bundled with BitTorrent triggers complaints (Mar 9)
 

Some people who use uTorrent, the popular BitTorrent client, are up in arms over the presence of cryptocurrency mining software on their computers which they say was installed without their permission.

  Wikimedia sues NSA to stop it from spying on its users (Mar 10)
 

In an effort to stop the U.S. government from spying on Wikipedia's readers and editors, the Wikimedia Foundation will sue the U.S. National Security Agency (NSA) and the Department of Justice (DOJ).

  Google error leaks website owners' personal information (Mar 13)
 

A Google software problem inadvertently exposed the names, addresses, email addresses and phone numbers used to register websites after people had chosen to keep the information private.

  Clinton's Homebrew E-Mail Server: Risky or Genius? (Mar 9)
 

No, it's not always a room filled with wires and glowing blue lights. It's probably not even the size of your furnace. The personal email server used by Hillary Rodham Clinton during her time as secretary of state was probably about the size of your office desktop computer and could have been tucked quietly in a corner somewhere.

  Dridex Banking Trojan Spreading Via Macros in XML Files (Mar 10)
 

Not long ago, criminals pushing the Dridex banking Trojan were using Microsoft Excel documents spiked with a malicious macro as a phishing lure to entice victims to load the malware onto their machines.