Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

What we Can Learn from the Recent VLC Security Vulnerability Fiasco: A Conversation with VideoLAN President Jean-Baptiste Kempf - About a week ago, the LinuxSecurity staff started tracking a security issue related to VLC , the popular open source media player. Security vulnerabilities are a regular part of the software development lifecycle. These vulnerabilities are identified, then a solution is created and distributed to its users. In this case, it wasnt completely clear whether thats what happened, though. We decided to find out.

LinuxSecurity.com Launches New site, Celebrates 20 Years of Following Open Source Security News and Resources - July 29, 2019 - Midland Park, NJ -- LinuxSecurity.com, the open-source communitys go-to source for security news and information, has revealed a completely new site design and a renewed focus on providing timely, authoritative industry content.

  A New Age in Corporate Accountability for Data Breaches (Aug 5)
 

There isnt an industry safe from data breaches. From banks and credit organizations to hotel and restaurant chains, academic institutions and more , hundreds of millions of individuals have had their personal information stolen " all via the companies with whom they do business.
  Looking for answers at Black Hat 2019: 5 important cybersecurity issues (Aug 5)
 

As Black Hat 2019 begins, the cybersecurity topics top of mind include network security platforms, threat detection/response services, new cloud security strategies, and clarification around security analytics.
  #BHUSA: How GDPR Can Help Attackers Steal Identities (Aug 8)
 

The GDPR (General Data Protection Regulation) is supposed to help individuals keep their information private, but as it turns out, it could also potentially serve to help attackers as well.
  KDE Linux Desktops Could Get Hacked Without Even Opening Malicious Files (Aug 7)
 

If you are running a KDE desktop environment on your Linux operating system, you need to be extra careful and avoid downloading any ".desktop" or ".directory" file for a while.
  11 new state privacy and security laws explained: Is your business ready? (Aug 8)
 

States from Maine to California have recently enacted privacy, data security, cybersecurity, and data breach notification laws. We break down what each of these laws entails.
  New Spectre-like CPU vulnerability bypasses existing defenses (Aug 7)
 

The SWAPGS vulnerability can allow attackers to access contents of kernel memory addresses. Microsoft and Intel have coordinated on a mitigation.
  KDE rips out ability for KConfig to run shell code (Aug 8)
 

The feature that a researcher discovered could be used to execute malicious code had no actual use case.
  GDPR privacy can be defeated using right of access requests (Aug 12)
 

A British researcher has uncovered an ironic security hole in the EUs General Data Protection Regulation (GDPR) " right of access requests.
  All Microsoft Certified Drivers from Intel, Nvidia, AMD, Others Are Vulnerable (Aug 12)
 

All major BIOS vendors, along with the likes of AMD, Nvidia, Intel, Huawei, and many others, are offering drivers that have serious security issues. A new report, called Screwed Drivers, from Eclypsium, revealed the worrying extent of the problem.