Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

LinuxSecurity.com Feature Extras:

Peter Smith Releases Linux Network Security Online - Thanks so much to Peter Smith for announcing on linuxsecurity.com the release of his Linux Network Security book available free online. "In 2005 I wrote a book on Linux security. 8 years later and the publisher has gone out of business. Now that I'm free from restrictions on reproducing material from the book, I have decided to make the entire book available online."

Securing a Linux Web Server - With the significant prevalence of Linux web servers globally, security is often touted as a strength of the platform for such a purpose. However, a Linux based web server is only as secure as its configuration and very often many are quite vulnerable to compromise. While specific configurations vary wildly due to environments or specific use, there are various general steps that can be taken to insure basic security considerations are in place.

  (Jan 6)
 

Ladar Levison is probably most well-known to Ars readers as the founder of the secure e-mail service Lavabit, which he shut down in mid-2013 in an effort to avoid being forced to comply with a US government demand to turn over users' e-mails.
  Xbox Live, PlayStation Network alleged hacker arrested in the UK (Jan 5)
 

Krebs on Security reports that police in the UK have arrested a hacker who they believe was responsible for recent Christmas outages on the PlayStation Network and Xbox Live.
  (Jan 6)
 

A new software tool named WiFiPhisher is available on Github created by a Greek security researcher, named George Chatzisofroniou.He has developed a WiFi social engineering tool that is designed to steal credentials from users of secure Wi-Fi networks.
  (Jan 5)
 

As the clock strikes midnight on the new year, so begins the countdown to a new round of security threats and breaches that doubtless will unfold in 2015. But this year will be a little different. In the past, when we've talked about threat predictions, we've focused either on the criminal hackers out to steal credit card data and banking passwords or on the activist hackers out for the lulz (and maybe to teach corporate victims a lesson).
  Buffer overflow reported in UEFI EDK1 (Jan 7)
 

A pair of security researchers have found a buffer overflow vulnerability within the implementation of the unified extensible firmware interface (UEFI) within the EDK1 project used in firmware development.
  Major Bitcoin Exchange Bitstamp Goes Offline After Possible Hack (Jan 7)
 

Not even a year has passed since top bitcoin exchange Mt. Gox collapsed into a pit of burning money, blaming a hacking incident for a nearly half-billion dollar meltdown and bankruptcy. Now another major exchange may be putting its users through a small-scale replay of that crisis.
  FBI director again points to North Korea for Sony attack (Jan 8)
 

North Korean hackers left footprints when they breached Sony Pictures Entertainment late last year, the director of the FBI said Wednesday.
  (Jan 5)
 

Events such as the massive attack on Sony Pictures have emphasised yet again how anyone with a grudge and a certain amount of technical knowledge can undermine the digital systems on which modern internet-connected economies rely.
  (Jan 6)
 

With Internet of Things (IoT) gaining more traction, such devices are expected to gain more attention from malicious hackers this year who will also be resorting back to social engineering tactics.
  Thieves Jackpot ATMs With