Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

LinuxSecurity.com Feature Extras:

Peter Smith Releases Linux Network Security Online - Thanks so much to Peter Smith for announcing on linuxsecurity.com the release of his Linux Network Security book available free online. "In 2005 I wrote a book on Linux security. 8 years later and the publisher has gone out of business. Now that I'm free from restrictions on reproducing material from the book, I have decided to make the entire book available online."

Securing a Linux Web Server - With the significant prevalence of Linux web servers globally, security is often touted as a strength of the platform for such a purpose. However, a Linux-based web server is only as secure as its configuration, and very often many are quite vulnerable to compromise. While specific configurations vary wildly due to environments or specific use, there are various general steps that can be taken to ensure basic security considerations are in place.


  How to Anonymize Everything You Do Online (Jun 17)
 

One year after the first revelations of Edward Snowden, cryptography has shifted from an obscure branch of computer science to an almost mainstream notion: It's possible, user privacy groups and a growing industry of crypto-focused companies tell us, to encrypt everything from emails to IMs to a gif of a motorcycle jumping over a plane.

  Spamhaus readies new antimalware data feeds (Jun 16)
 

The Spamhaus Project will soon publish two new data feeds intended to prevent people from being lured to malware-infected websites and domains.

  FBI Nabs Alleged NullCrew Hacker (Jun 20)
 

The FBI announced Wednesday the capture of an alleged member of NullCrew, an organization responsible for cyber-attacks against universities, government agencies and corporations. The suspect, Timothy French, was arrested in Tennessee last Wednesday.

  (Jun 18)
 

During the 1920s and 1930s, a part of the U.S. public rooted for gun-toting, mythologized bank robbers like Bonnie and Clyde, John Dillinger, and Pretty Boy Floyd. But the fantasies were often tempered by reports of guards, police, and innocent bystanders injured and killed in the frequent shoot-outs.

  Possible TrueCrypt Fork in the Works (Jun 19)
 

Although the developers behind the TrueCrypt encryption software have given up the ghost and decided to no longer maintain the application, interest in the project has never been higher. But, one of the developers says that a nascent effort to fork TrueCrypt is unlikely to succeed.

  Stop sneaky hackers from launching DMA attacks (Jun 17)
 

Direct Memory Access (DMA) is a controller feature that has been available at least since the original IBM PC. It can be used by hackers to compromise your otherwise very heavily protected computer. Fortunately, there are steps you can take to minimize DMA-based attacks.

  Hacker puts 'full redundancy' code-hosting firm out of business (Jun 19)
 

A code-hosting and project management services provider was forced to shut down operations indefinitely after a hacker broke into its cloud infrastructure and deleted customer data, including most of the company's backups.

  OpenSSL Patches 7 Security Flaws (Jun 20)
 

If there is any good news from the discovery of the Heartbleed bug that affects OpenSSL, it's this: security analysts are keeping a closer watch on OpenSSL. And their efforts have paid off. The open-source OpenSSL Project today released a security update that fixes seven vulnerabilities, including two that have been rated critical by the SANS Internet Storm Center.

  Telling Folk Heroes From Monsters (Jun 20)
 

Woe to the once-hallowed trickster. In ancient mythologies, the riddler-thief and agent of change held a position of prestige. Now, we don't know what to do with him. In our two Americas, we do black and white, either/or, with us or against us. The trickster is in between, both and neither, a character on the fringes.

  Dyreza Banker Trojan Seen Bypassing SSL (Jun 18)
 

Banker Trojans have proven to be reliable and effective tools for attackers interested in quietly stealing large amounts of money from unwitting victims. Zeus, Carberp and many others have made piles of money for their creators and the attackers who use them, and researchers have been looking at a newer banker Trojan that has the ability to bypass SSL protection for banking sessions by redirecting traffic through the attackers' own domains.

  At least 32,000 servers broadcast admin passwords in the clear, advisory warns (Jun 22)
 

An alarming number of servers containing motherboards manufactured by Supermicro continue to expose administrator passwords despite the release of an update that patches the critical vulnerability, an advisory published Thursday warned.

  Hacker Tactic: Holding Data Hostage (Jun 22)
 

The perpetual cat-and-mouse game between computer hackers and their targets is getting nastier. Cybercriminals are getting better at circumventing firewalls and antivirus programs. More of them are resorting to ransomware, which encrypts computer data and holds it hostage until a fee is paid.