Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

LinuxSecurity.com Feature Extras:

Peter Smith Releases Linux Network Security Online - Thanks so much to Peter Smith for announcing on linuxsecurity.com the release of his Linux Network Security book available free online. "In 2005 I wrote a book on Linux security. 8 years later and the publisher has gone out of business. Now that I'm free from restrictions on reproducing material from the book, I have decided to make the entire book available online."

Securing a Linux Web Server - With the significant prevalence of Linux web servers globally, security is often touted as a strength of the platform for such a purpose. However, a Linux based web server is only as secure as its configuration and very often many are quite vulnerable to compromise. While specific configurations vary wildly due to environments or specific use, there are various general steps that can be taken to insure basic security considerations are in place.

  'OriginalGuy': The Full Story Of The iCloud Hacker Who Leaked Those Naked Celebrity Photos (Sep 3)
 

After private photographs of some of the most famous women in the world were posted online, journalists, PR representatives, and curious internet users alike scrambled to figure out how a nameless hacker had gained access to the cell phones of the rich and famous.
  (Sep 2)
 

The web forum 4chan is known mostly as a place to share juvenile and, to put it mildly, politically incorrect images. But it's also the birthplace of one of the latest attempts to subvert the NSA's mass surveillance program.
  (Sep 4)
 

Apple might have avoided embarrassment this week over the egregious iCloud-hack-naked-celeb-gate if it had adopted a more open approach to security in the past.For instance, it could have started a formal programme to incentivise researchers to disclose bugs to the consumer tech behemoth. Such bug bounty programmes are incredibly simple: tech manufacturers pay those who responsibly hand over information on vulnerabilities.
  (Sep 3)
 

A number of popular home and small office routers suffer from an implementation problem that could lead an experienced hacker down the road toward learning the devices' eight-digit Wi-Fi Protected Setup (WPS) PINs in one guess.
  Google, Facebook ID codes found in Android malware stash (Sep 5)
 

Text messages containing VPN passwords and authentication codes for Google and Facebook are found on a command-and-control server for Android malware
  (Sep 4)
 

Hackers are succeeding with what appears to be alarming regularity. But that may not be because they are smarter or even better trained than defenders, but because they think, and attack, more strategically
  Google accelerates end of SHA-1 support; certificate authorities nervous (Sep 3)
 

Google's recent announcement that they will begin to deprecate support for SHA-1 TLS/SSL digital certificates in Chrome is meeting resistance from certificate authorities (CAs).Google made their announcement on August 20 on their Security-dev mailing list, although they had been warning of this decision for months.
  A Google Site Meant to Protect You Is Helping Hackers Attack You (Sep 2)
 

Before companies like Microsoft and Apple release new software, the code is reviewed and tested to ensure it works as planned and to find any bugs.Hackers and cybercrooks do the same. The last thing you want if you're a cyberthug is for your banking Trojan to crash a victim's system and be exposed.
  CERT/CC Enumerates Android App SSL Validation Failures (Sep 4)
 

A growing compilation of close to 350 Android applications that fail to perform SSL certificate validation over HTTPS has been put together by the CERT Coordination Center at the Software Engineering Institute at Carnegie Mellon University.
  (Sep 2)
 

As the online hunt for the persons responsible for yesterday's massive celebrity nude photo leak continues, some Redditors and security researchers have pointed to Bryan Hamade, a 27-year-old from Lawrenceville, Georgia, as the culprit.
  Inside Google's Secret Drone-Delivery Program (Sep 2)
 

A zipping comes across the sky.A man named Neil Parfitt is standing in a field on a cattle ranch outside Warwick, Australia. A white vehicle appears above the trees, a tiny plane a bit bigger than a seagull. It glides towards Parfitt, pitches upwards to a vertical position, and hovers near him, a couple hundred feet in the air. From its belly, a package comes tumbling downward, connected by a thin line to the vehicle itself.
  (Sep 2)
 

CryptoWall is a million-dollar business.The file-encrypting ransomware has netted the criminal gang responsible for its development and dispersal, more than $1.1 million in the six months it's been in the wild, researchers at Dell SecureWorks' Counter Threat Unit said in a report this week.