Linux Security Week: December 9th, 2019

    Date: 09 Dec 2019
    Posted By: LinuxSecurity Advisories
    Linux Security Week Newsletter

    Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

    Linux Kernel Security in a Nutshell: How to Secure Your Linux System - The Linux kernel is the core component of the Linux operating system, maintaining complete control over everything in the system. It is the interface between applications and data processing at the hardware level, connecting the system hardware to the application software. The kernel manages input/output requests from software, memory, processes, peripherals and security, among other hefty responsibilities. Needless to say, the Linux kernel is pretty important.

    Servers Running Linux May Get Riskier for Enterprises Next Year - The LinuxSecurity team thanks Horacio Zambrano for contributing this article. Enterprises using Linux for their cloud or data center servers may be faced with a larger threat from advanced security attackers in the near future. Based on the Linux Foundation's estimates back in 2014, 75% of enterprises reported using Linux for the cloud and 79% for application deployments.


     Chinese companies want to help shape global facial recognition standards (Dec 2)
     

    The use of facial recognition technology is continuing to expand, despite concerns about its accuracy and fairness and about how it could be used by governments to spy on people. These concerns have been heightened following a report by the Financial Times which shows that Chinese groups have a significant influence in shaping international standards regarding the technology. Learn more:

     New Linux Bug Lets Attackers Hijack Encrypted VPN Connections (Dec 6)
     

    A team of cybersecurity researchers has disclosed a new severe vulnerability affecting most Linux and Unix-like operating systems, including FreeBSD, OpenBSD, macOS, iOS, and Android, that could allow remote 'network adjacent attackers' to spy on and tamper with encrypted VPN connections. Learn more about the bug and how it could impact your system:

     OpenBSD devs patch authentication bypass bug (Dec 6)
     

    Are you an OpenBSD user? OpenBSD, one of the internet's most popular free operating systems, allowed attackers to bypass its authentication controls, effectively leaving the keys in the back door, according to an advisory released this week. The developers of the OpenBSD system have already patched the vulnerability. Learn more:

     China Implements Mandatory Facial Recognition Scans For New Cell Phone Users (Dec 4)
     

    The government claims that the new requirement will prevent fraud for citizens, but critics see it as the furthering of invasive surveillance measures. What are your thoughts? Learn more in an interesting Security Today article:

     Red Hat Enterprise Linux 7 and CentOS 7 Receive Important Kernel Security Update (Dec 5)
     

    Red Hat and CentOS have announced the availability of important kernel security updates for their Red Hat Enterprise Linux 7 and CentOS Linux 7 operating system series that address two security vulnerabilities and numerous other bugs. Learn more:

     61% of malicious ads target Windows users (Dec 2)
     

    Did you know that Linux is the least targeted OS by malicious ads, accounting for only 0.3% of all malicious ads recorded in a recent study? Most malvertising campaigns (malicious ads) target Windows users, according to statistics shared last week by cyber-security firm Devcon. Chrome OS is the second most targeted, while Linux is the least. Learn more:

     Canonical Patches Intel Microcode Regression on Ubuntu PCs with Skylake CPUs (Dec 5)
     

    Canonical has published a new security advisory today where the company behind the popular Ubuntu Linux operating system apologizes for a regression introduced by the latest Intel microcode firmware update.

     Labor says it will fix encryption laws it voted for last year (Dec 3)
     

    This time last year, the Australian Labor Party waved through the government's encryption Bills, formally known as the Assistance and Access Bill, and threw out the line that it was to keep the nation safe. The Labor Party now says it will fix encryption laws it voted for last year, but legislation is unlikely to pass the House of Representatives. What are your thoughts on this proposed legislation and the implications it would have for citizens' privacy? Learn more:

     Aviatrix VPN vulnerability left user endpoints wide open (Dec 5)
     

    Aviatrix, a supplier of open source enterprise virtual private networks (VPNs) to customers including BT, Nasa and Shell, has patched a serious vulnerability in its client that could have given an attacker escalation privileges on a machine to which they already had access. Learn more about this vulnerability and its implications for Linux users in an informative Computer Weekly article:

     Sen. Cantwell Leads With New Consumer Data Privacy Bill (Dec 4)
     

    There is a lot to like about U.S. Sen. Cantwell's new Consumer Online Privacy Rights Act (COPRA). It is an important step towards the comprehensive consumer data privacy legislation that we need to protect us from corporations that place their profits ahead of our privacy. What is your opinion on this bill? We support it! Learn more in an informative EFF article:

     Networking attack gives hijackers VPN access (Dec 9)
     

    Researchers have discovered a security flaw in macOS, Linux, and several other operating systems that could let attackers hijack a wide range of virtual private network (VPN) connections. Learn more about this networking attack:

     Strengthen California’s Consumer Data Privacy Regulations (Dec 9)
     

    EFF and a coalition of privacy advocates have filed comments with the California Attorney General seeking strong regulations to protect consumer data privacy. The draft regulations are a good step forward, but the final regulations should go further. What are your thoughts on the draft regulations that were published in October? Learn more:
