Linux Security Week: June 3rd, 2019
Linux Security Week: June 3rd, 2019
Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.
LinuxSecurity.com Feature Extras:
Press Release: Guardian Digital Leverages the Power of Open Source to Combat Evolving Email Security Threats - Cloud-based email security solution utilizes the open source methodology for securing business email, recognized by many as the best approach to the problem of maintaining security in the relentlessly dynamic environment of the Internet.
You've Been Pwned! Best Practices to Prevent Your Email Account from Being Compromised in a Data Breach - An Interview with Dave Wreski, CEO of Guardian Digital
cat: privacy nl_type: news 179cat: hackscracks nl_type: news 179cat: security-projects nl_type: news 179cat: privacy nl_type: news 179cat: security-projects nl_type: news 179cat: government nl_type: news 179cat: privacy nl_type: news 179cat: network-security nl_type: news 179cat: hackscracks nl_type: news 179cat: government nl_type: news 179cat: cryptography nl_type: news 179
All the Ways Google Tracks You - And How to Stop It (May 27)
You're probably aware that Google keeps tabs on what you're up to on its devices, apps, and services--but you might not realize just how far its tracking reach extends, into the places you go, the purchases you make, and much more. It's an extensive set of data, but you can take more control over what Google collects about you and how long the company keeps it. Here's how.
Ransomware attacks in US cities are using a stolen NSA tool (May 26)
The ransomware attacks in Baltimore and other US cities appear to have a common thread: they're using NSA tools on the agency's home soil. In-the-know security experts talking to the New York Times said the malware in the cyberattacks is using the NSA's stolen EternalBlue as a "key component," much like WannaCry and NotPetya. While the full list of affected cities isn't available, San Antonio and the Pennsylvania city of Allentown have reportedly been victims of EternalBlue-based campaigns.
Edge Magnifies Open Source Challenges, Opportunities (May 27)
There are almost as many open source groups and projects working on edge computing as there are definitions of edge -- one such project, in fact, focuses exclusively on defining edge terms. This is partially due to the hype, and consolidation will probably happen as the hype turns into real-life deployments and concrete use cases.
EU-US Privacy Shield complaint to be heard by Europe's top court in July (May 28)
A legal challenge to the EU-US Privacy Shield, a mechanism used by thousands of companies to authorize data transfers from the European Union to the US, will be heard by Europe's top court this summer.
Chinese military to replace Windows OS amid fears of US hacking (May 28)
Amidst an escalating trade war and political tensions with the US, Beijing officials have decided to develop a custom operating system that will replace the Windows OS on computers used by the Chinese military.
Huawei files motion against US declaring law as 'unconstitutional' (May 29)
Huawei has filed a motion for a summary judgment against the US government that alleges section 889 of the National Defense Authorization Act 2019 (NDAA) is unconstitutional.
Apple, Google and others condemn UK plan to view encrypted chats (May 30)
Major players within the tech industry have long-opposed the idea of government access to users' messages and chat conversations -- now they're continuing the fight with an open letter to GCHQ (the UK's government communication headquarters) lambasting proposals that could allow officials to eavesdrop on encrypted chats.
Foreign spies may be hiding in your VPN, warns DHS (May 31)
Before we get into the latest scary-virtual private network (VPN) news, let's do as Naked Security's Paul Ducklin advises and repeat after him:
Unpatched Docker bug allows read-write access to host OS (May 31)
There are lots of books on tools and techniques to secure software containers, but what happens when someone discovers a basic architectural flaw? And what do you do when there's no working patch for it?
Sorry, FCC—killing net neutrality probably didn’t expand internet access (Jun 3)
If you believe the US Federal Communications Commission, last June's end of net neutrality--the system that required internet service providers to treat all data equally--has helped more Americans get broadband access. But the data behind this claim is highly controversial.
How a quantum computer could break 2048-bit RSA encryption in 8 hours (Jun 3)
Many people worry that quantum computers will be able to crack certain codes used to send secure messages. The codes in question encrypt data using "trapdoor" mathematical functions that work easily in one direction but not in the other. That makes encrypting data easy but decoding it hugely difficult without the help of a special key.