Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

LinuxSecurity.com Feature Extras:

Review: The Official Ubuntu Book - If you haven't used Linux before, are new to Ubuntu, or would like a quick update on the latest in open source advancements for the desktop, then The Official Ubuntu Book is a great place to start. Authored by a group of some of the most experienced open source administrators and developers, this 400-page user guide details everything you need to know about how to make the most of your Ubuntu, Kubuntu (Ubuntu with KDE), and Xubuntu (Ubuntu with Xfce) computer.

Review: Zabbix 1.8 Network Monitoring - If you have anything more than a small home network, you need to be monitoring the status of your systems to ensure they are providing the services they were designed to provide. Rihards Olups has created a comprehensive reference and usability guide for the latest version of Zabbix that anyone being tasked with implementing should have by their side.

Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.22 (Version 3.0, Release 22). This release includes many updated packages and bug fixes and some feature enhancements to the EnGarde Secure Linux Installer and the SELinux policy.
(Feb 18)

The hactivist group Anonymous used a series of simple technical and social exploits to crack the network of security-technology firm HBGary Federal, giving the company a schooling that other network security pros can learn from.
(Feb 18)

You may think the only people capable of snooping on your Internet activity are government intelligence agents or possibly a talented teenage hacker holed up in his parents' basement. But some simple software lets just about anyone sitting next to you at your local coffee shop watch you browse the Web and even assume your identity online.
Save your PC: bootable Linux rescue tools (Feb 14)

Linux is now a respected, mature operating system that's free and open source, so it shouldn't be surprising that it has a generic role as a platform for tools for the repair and rescue of both Linux and Windows operating systems.
(Feb 15)

We know you can take down Web sites with Distributed Denial of Service (DDoS) attacks. We know that a country, like Egypt, can knock down a country's entire Internet infrastructure. And, we thought we knew that you couldn't take down the entire Internet. It turns out we could be wrong.
4 skills CISOs need now (Feb 16)

Leading a security program within an organization has taken on a new shape, says career expert Lee J. Kushner. What skills do security professionals need to hone now in order to be competitive in the job market?
Vulnerability management tools: Dos and don'ts (Feb 14)

DON'T shortchange remediation. Surprisingly, organizations will perform vulnerability scans, or hire someone to conduct a scan, get a report and then not follow through. They may cherry-pick one or two critical items and neglect the rest. The result is that the organization has spent time and money without doing much for its security.
How Anonymous hacked the security firm hacker (Feb 18)

Even as the FBI was conducting its ongoing campaign of surveillance and armed raids against those of us involved in the Anonymous activist collective, that and other "law enforcement" agencies were simultaneously providing resources and work opportunities to a collection of federal contractors, which were themselves engaged in a variety of reckless and unethical activities to which they are now being held to account by the press, if not the government.
How Microsoft Does Undocumented Security Patches (Feb 16)

Microsoft doesn't usually like to talk about how they sometimes silently patch vulnerabilities, so it's a pleasant surprise to see them blog about it on their Security Research & Defense blog.
(Feb 17)

In a current reportPDF, anti-botnet specialists at Damballa write that the number of bot-infected PCs worldwide increased sevenfold within a year, although no absolute figures are mentioned. The researchers consider that the expansive growth in 2010 was caused by the increasing availability of "exploit packs" and trojan toolkits.
RSA 2011: Cybersecurity leads conference with cloud security keynote (Feb 15)

Cybersecurity is one of the key topics at the RSA Conference 2011 taking place this week in San Francisco.
Open Kernel Labs bets big on mobile security (Feb 15)

Embedded virtualisation company Open Kernel Labs has introduced a mobile security product based on the company's phone-specific hypervisor, the OKL4 'microvisor'.
(Feb 16)

Acknowledging that security technologies to prevent cyberattacks are insufficient, several vendors at the RSA Conference here urged companies that are making security plans to assume that at some point, they will be breached.