Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

Linux Kernel Security in a Nutshell: How to Secure Your Linux System - The Linux kernel is the core component of the Linux operating system, maintaining complete control over everything in the system. It is the interface between applications and data processing at the hardware level, connecting the system hardware to the application software. The kernel manages input/output requests from software, memory, processes, peripherals and security, among other hefty responsibilities. Needless to say, the Linux kernel is pretty important.

Servers Running Linux May Get Riskier for Enterprises Next Year - The LinuxSecurity team thanksHoracio Zambrano for contributing this article. Enterprises using Linux for their cloud or data center servers may be faced with a larger threat from advanced security attackers in the near future. Based on the Linux Foundations estimates back in 2014, 75% of enterprises reported using Linux for the cloud and 79% for application deployments.

  New Roboto botnet emerges targeting Linux servers running Webmin (Nov 22)
 

A cybercrime group is enslaving Linux servers running vulnerable Webmin apps into a new botnet that security researchers are currently tracking under the name of Roboto.The botnet's main function is the ability to conduct DDoS attacks, a feature it has not used yet. Learn more:
  Brave 1.0 is ready for privacy-loving web surfers (Nov 21)
 

Are you a privacy-conscious Linux user? If so, you may want to check out Brave 1.0, which is now out of beta and in stable release form. Learn more:
  New Bill Would Require Federal Law Enforcement To Obtain Warrant Before Using Facial Recognition (Nov 21)
 

A new bill introduced by Sens. Chris Coons and Mike Leewould prevent abuse of facial recognition technology by federal authorities. Learn more in this Security Today article:
  Optus opens privacy can of worms with programmable voice play (Nov 22)
 

Bringing an assistant into the phone calls of customers to help with a restaurant booking is an idea fraught with privacy concerns. Australian telco Optus recently opened a privacy can of worms when the companyintroduced internally a live-transcription service that captures the phone call interaction between customers and a call centre officer. What is your opinion on this technology and its potential privacy implications? Learn more in an interesting ZDNet article:
  Chrome, Edge, Safari Successfully Hacked At Tianfu Cup Competition In China (Nov 20)
 

Chinese security researcherswere able to successfully discover zero-day vulnerabilities in Chrome, Edge, Safari, Office 365,qemu-kvm + Ubuntu and more at a recently held hacking competition in the city of Chengdu in China. Learn more in an interesting TechWorm article:
  Research: 5G Networks Still Vulnerable to Location Tracking, Downgrading Attacks (Nov 19)
 

A group of researchers have found 11 flaws in 5G protocols, several of which would expose a devices location and when a user calls or sends texts, compromising privacy and security. Learn more in an interesting Security Today article:
  How the Linux kernel balances the risks of public bug disclosure (Nov 18)
 

A serious Wi-Fi vulnerability has shown how Linux handles security in plain sight. Learn more about this security bug, as well as how the Linux kernel balances the risks of public bug disclosure:
  Researchers Publish PoC for Docker Escape Bug (Nov 20)
 

Are you a Docker customer? If so, you should upgrade to the latest version of Docker immediately. Security researchers have detailed a proof-of-concept (PoC) attack exploiting a critical vulnerability, which could lead to full container escape. Learn more:
  NSA won’t collect phone location data, promises US government (Nov 18)
 

Are you concerned that the collection of phone location data is compromising your privacy? Have you heard that US intelligence agencies haven't been harvesting US residents geolocation data since last summer and won't be doing so in future investigations? What are your thoughts on this? Learn more:
  Portland Seeks to Become First City in Maine to Ban Facial Recognition Technology (Nov 19)
 

Portland, Maine is looking to join Berkeley, San Francisco and Oakland, California in banning facial recognition technology.The ban seeks to prohibit the use of all facial recognition technology by city officials and employees. What is your opinion on this proposal? We strongly support it. Learn more:
  Linux Kernel 5.4 Officially Released with exFAT Support, Kernel Lockdown Feature (Nov 25)
 

Linus Torvalds announced today the general availability of the Linux 5.4 kernel series, a major release that adds numerous new features, stronger security, and updated drivers for better hardware support. Learn more in an informative Softpedia News article:
  Five Senators Join the Fight to Learn Just How Bad Ring Really Is (Nov 25)
 

Amid months of damaging investigative reporting and pressure by advocacy groups like EFF, senators are finally joining the fight to learn just how invasive and harmful Amazons Ring cameras are to the privacy of people in their vicinity. What are your thoughts on Ring cameras? Learn more in an interesting EFF article: