Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

LinuxSecurity.com Feature Extras:

Essential tools for hardening and securing Unix based Environments - System administrators are aware as how important their systems security is, not just the runtime of their servers. Intruders, spammers, DDOS attack, crackers, are all out there trying to get into people's computers, servers and everywhere they can lay hands on and interrupt the normal runtime of services.

Securing a Linux Web Server - With the significant prevalence of Linux web servers globally, security is often touted as a strength of the platform for such a purpose. However, a Linux based web server is only as secure as its configuration and very often many are quite vulnerable to compromise. While specific configurations vary wildly due to environments or specific use, there are various general steps that can be taken to insure basic security considerations are in place.

  Storing secret crypto keys in the Amazon cloud? New attack can steal them (Sep 29)
 

Piercing a key selling point of commercial cloud computing services, computer scientists have devised a hack that allows an attacker using Amazon's EC2 platform to steal the secret cryptographic keys of other users.
  (Sep 28)
 

Researchers suspect a mobile advertising network has been used to point hundreds of thousands of smartphone browsers at a website with the aim of knocking it offline.According to distributed denial-of-service protection service CloudFlare, one customer's site recently came under fire from 4.5 billion page requests during a few hours, mostly from smartphone browsers on Chinese IP addresses.
  Could VW scandal lead to open-source software for better automobile cybersecurity? (Sep 30)
 

After Volkswagen used software that manipulated exhaust values and defeated emissions tests, it has affected 11 million VW diesel cars built since 2008. A 2007 letter from VW parts supplier Bosch warned Volkswagen not to use the software for regular operations; in 2011, a Volkswagen technician raised concerns about the illegal practices in connection with the emissions levels.
  Linux botnet observed launching powerful DDoS attacks (Oct 1)
 

Threat actors are leveraging a botnet made up of infected Linux machines to launch powerful distributed denial-of-service (DDoS) attacks against as many as 20 targets per day, according to Akamai's Security Intelligence Response Team (SIRT).
  (Sep 29)
 

In a report released on Tuesday, Akamai has profiled several recent attacks from the XOR botnet, which is capable of DDoS attacks in excess of 150Gpbs. Researchers, after examining the more recent incidents, say that a vast majority of XOR's targets are organizations in Asia.