Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

LinuxSecurity.com Feature Extras:

Using the sec-wall Security Proxy - This article full of examples will show you various ways to test services secured using sec-wall, a feature-packed high performance security proxy. We'll be using cURL, a popular Linux command line tool and PycURL - a Python interface to cURL. As of version 1.0, sec-wall supports HTTP Basic auth, digest auth, custom HTTP headers, XPath-based authentication, WS-Security & SSL/TLS client certificates and each of the options is being shown below.

sec-wall: Open Source Security Proxy - sec-wall, a recently released security proxy is a one-stop place for everything related to securing HTTP/HTTPS traffic. Designed as a pragmatic solution to the question of securing servers using SSL/TLS certificates, WS-Security, HTTP Basic/Digest Auth, custom HTTP headers, XPath expressions with an option of modifying HTTP headers and URLs on the fly.

LulzSec Leak Reveals iPhone Apps That Worry Police (Jun 24)

Hacker group LulzSec has struck again, this time targeting Arizona law enforcement by releasing thousands of pages of confidential documents and communications presumably acquired in a security breach. Among those documents are several that show law enforcement's special interest in the iPhone and other smart phones.
Suspected LulzSec player arrested, in custody in London (Jun 21)

The day the authorities have been waiting for is finally here: A possible LulzSec leader has been arrested. He is 19-years-old and was arrested in Essex, England thanks to a cooperative effort between FBI and Scotland Yard.
(Jun 20)

Computer hackers who have hit the websites of the CIA, US Senate, Sony and others during a month-long rampage said that they were staging the attacks for their own entertainment.
Storing passwords in uncrackable form (Jun 21)

News about intrusions into the servers of online stores, games vendors and other internet services can now be read on an almost daily basis. Often, the intruders obtain customers' login data including their passwords. As many people use the same password in multiple places, criminals can use the passwords to obtain unauthorised access to further services.
Ubuntu Linux, Day 21: Enough Already With the Updates! (Jun 23)

We are heading into the home stretch on the 30 Days With Ubuntu Linux series. If I were to score Ubuntu Linux today, it would get generally high marks, but there is one thing that has really been annoying me--the updates.
Former DHS chief Chertoff: LulzSec, Anonymous pose big challenges (Jun 22)

Former Department of Homeland Security chief Michael Chertoff said combating groups like LulzSec and Anonymous pose a unique problem for law enforcement because "the big challenge is attribution." However, it's possible that the U.S. government could find itself in a cyberwar with a network.
(Jun 23)

A hacking group in the Netherlands promises to publish photos, phone numbers and addresses of LulzSec members in response to similar treatment by LulzSec.
(Jun 23)

Ryan Cleary, the Essex teenager accused of a string of hacking attacks, threatened to commit suicide if his computer was taken away, his mother has disclosed.
Bitcoin Prices Plummet on Hacked Exchange (Jun 20)

The Bitcoin community faced another crisis on Sunday afternoon as the price of the currency on the most popular exchange, Mt.Gox, fell from $17 to pennies in a matter of minutes. Trading was quickly suspended and visitors to the home page were redirected to a statement blaming the crash on a compromised user account. Mt.Gox's Mark Karpeles said that the exchange would be taken offline to give administrators time to roll back the suspect transactions.
Hack Attack (Jun 23)

So who would you like to hack today? A bank, a website, a corporation or perhaps a government agency that's rubbing you the wrong way? The hacktivist group LulzSec is taking requests. Or maybe you'd like to get your hands on some stolen credit-card accounts to boost your personal spending level or purchase some malware that will divert a business's payments from its vendors to you.
(Jun 21)

Online storage service Dropbox accidentally turned off password authentication for its 25 million users for four hours on Monday -- although "much less than 1 percent" of those accounts were accessed during the period, the company said. It is still investigating whether any of those accounts were improperly accessed.
(Jun 26)

After fifty days of releasing vast caches of confidential data, from police units through to government departments, LulzSec announced on its Twitter feed this evening that it is to disband. But it seems that LulzSec wasn't in it for the