Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

LinuxSecurity.com Feature Extras:

sec-wall: Open Source Security Proxy - sec-wall, a recently released security proxy is a one-stop place for everything related to securing HTTP/HTTPS traffic. Designed as a pragmatic solution to the question of securing servers using SSL/TLS certificates, WS-Security, HTTP Basic/Digest Auth, custom HTTP headers, XPath expressions with an option of modifying HTTP headers and URLs on the fly.

Book Review: Linux Kernel Programming - As Linux is implemented on increasingly wider number of devices, the number of people responsible for developing and maintaining Linux on those platforms have increased. As the level of maturity of the kernel increases, so does the complexity, capabilities, and size. This book provides the Linux programmer the tools necessary to understand the core aspects of the kernel and how to interface with it.

Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.22 (Version 3.0, Release 22). This release includes many updated packages and bug fixes and some feature enhancements to the EnGarde Secure Linux Installer and the SELinux policy.
59 Open Source Tools That Can Replace Popular Security Software (Apr 13)

It's been about a year since we last updated our list of open source tools that can replace popular security software. This year's list includes many old favorites, but we also found some that we had previously overlooked.
7 free security tools for Linux (Apr 13)

One of the big advantages of using Linux is that its security tends to be so much better than that of the competing alternatives. That's due in large part to the way Linux assigns permissions, but it's also certainly true that the open source operating system is targeted by malware writers far less frequently than Windows is, in particular, simply because it's less widely used and so much more diverse.
Hacker 'Handshake' Hole Found In Common Firewalls (Apr 13)

Some of the most commonly-used firewalls are subject to a hacker exploit that lets an attacker trick a firewall and get into an internal network as a trusted IP connection.
How is SSL hopelessly broken? Let us count the ways (Apr 11)

Every year or so, a crisis or three exposes deep fractures in the system that's supposed to serve as the internet's foundation of trust. In 2008, it was the devastating weakness in SSL, or secure sockets layer, certificates issued by a subsidiary of VeriSign.
The encryption keys used to secure data have become the keys to the kingdom The encryption keys used (Apr 14)

Back in the mid 70s, the use of encryption in enterprises was pretty much unheard of. Soon companies started to introduce some encryption in limited instances, such as encoders on communication lines to encrypt financial transactions.
(Apr 15)

The phone rang at the branch of an American car dealership. On the line were employees of another branch, in need of urgent assistance: Their computer had frozen. They couldn't enter the information system of the sales network because their user name and password had been "locked," and they immediately needed new ones to continue working.
US Postal Service Website Hit With 'Blackhole' Exploit (Apr 11)

The US Postal Service website received an unwelcome delivery this week of a new attack rapidly spreading among legitimate websites. USPS became the latest victim of the so-called "Blackhole" toolkit, a wildly popular website attack kit that's easy to use and provides obfuscation features that help it evade antivirus detection.
Security firm Barracuda hit by cyberattack (Apr 12)

Security company Barracuda Networks was itself hit by a security breach over the weekend that exposed certain information from its databases. An unknown hacker, who apparently took credit for the break-in, launched an attack that exposed a list of Barracuda databases along with the names, phone numbers, and e-mail address of various Barracuda partners.
Security researcher warns over Dropbox authentication security flaw (Apr 12)

Attackers able to get their hands on a Dropbox configuration file would be able to access and download any files a user synchronises through the service without betraying any signs of compromise, a security researcher has discovered.
(Apr 13)

Intrusion-prevention system (IPS) vendors have not found it easy to recast their appliances for use in the virtual-machine (VM) environment. But now McAfee and Sourcefire claim to have overcome some hurdles, at least with VMware's VM.
Facebook to share server secrets as part of "Open Compute Project" (Apr 11)

FACEBOOK said it would share details for its new server systems and computer rooms with other companies, hoping to set off what it characterised as an open movement for hardware design.
U.S. shutters botnet, can disable malware remotely (Apr 14)

By seizing servers and domain names and getting permission to remotely turn off malware on compromised PCs, U.S. officials have disabled a botnet that steals data from infected computers.