Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

LinuxSecurity.com Feature Extras:

Why Your Current Approach to Email Security May Not Be Enough

Is your solution doing enough to protect your users? This article helps you to decide.

These days, the words "spam email" and "data breach" are commonplace. With an estimated 3.8 billion email users worldwide ( Radicati Group) , it is no surprise that scammers and cyber criminals frequently utilize email as a vector to carry out their attacks. Most email users are aware of this exploitation, and many have taken what they believe are the necessary measures to secure their email accounts.

Linux and Open Source FAQs: Common Myths and Misconceptions Addressed - LinuxSecurity debunks some common myths and misconceptions regarding open source and Linux by answering a few Linux-related frequently asked questions.

  Revealed: Facebook’s global lobbying against data privacy laws (Mar 3)
 

Facebook has targeted politicians around the world including the former UK chancellor, George Osborne promising investments and incentives while seeking to pressure them into lobbying on Facebook's behalf against data privacy legislation, an explosive new leak of internal Facebook documents has revealed.
  Hackers have started attacks on Cisco RV110, RV130, and RV215 routers (Mar 3)
 

Two days after Cisco patched a severe vulnerability in a popular brand of SOHO routers, and one day after the publication of proof-of-concept code, hackers have started scans and attacks exploiting the said security bug to take over unpatched devices.
  As Trump and Kim Met, North Korean Hackers Hit Over 100 Targets in U.S. and Ally Nations (Mar 4)
 

North Korean hackers who have targeted American and European businesses for 18 months kept up their attacks last week even as President Trump was meeting with North Korea's leader in Hanoi.
  Some Android VPN apps request access to sensitive permissions they don't need (Mar 5)
 

Some of the Android VPN apps available through the official Google Play Store request access to "dangerous" user permissions that a normal VPN app would have no use for, according to research viewed today by ZDNet.
  Ransomware attack on Israeli users fails miserably due to coding error (Mar 5)
 

Hackers launched a failed cyber-attack on Saturday in an attempt to infect millions of Israeli users with ransomware.
  WordPress accounted for 90 percent of all hacked CMS sites in 2018 (Mar 5)
 

Roughly 90 percent of all the hacked content management systems (CMSs) Sucuri investigated and helped fix in 2018 were WordPress sites. In a distant second, third, and fourth came Magento (4.6 percent), Joomla (4.3 percent), and Drupal (3.7 percent), according to a report the company published yesterday.
  Marriott CEO shares post-mortem on last year's hack (Mar 9)
 

Marriott International CEO Arne Sorenson testified in front of a US Senate subcommittee yesterday, revealing new details about a security breach the hotel chain disclosed last year.
  809 million records exposed by email marketing giant (Mar 8)
 

Data breaches are so common now that your eyes may tend to gloss over the news of yet-another public exposure of personally identifiable information (PII) and customer records.
  Pirate Bay malware buries nuisance program bundles in a single click (Mar 7)
 

The Pirate Bay (TPB) has become a hotspot for the download of a new Trojan which comes laden with hidden spyware packages.
  Firefox to add Tor Browser anti-fingerprinting technique called letterboxing (Mar 6)
 

Mozilla is scheduled to add a new user anti-fingerprinting technique to Firefox with the release of version 67, scheduled for mid-May this year.
  Facebook sues Ukrainian browser extension makers for scraping user data (Mar 11)
 

Facebook has filed a suit against two Ukrainian developers for creating Facebook apps and browser extensions that harvested user data and injected ads into users' timelines.