Thank you for subscribing to our Linux Security Week newsletter! In this weekly newsletter, we strive to provide readers with a comprehensive overview of the week’s most relevant open source security news. We want to provide you with the type of content you are interested in, and would love to hear your thoughts on this week's articles.

Today’s newsletter highlights our two most recent feature articles: Linux Malware: The Truth About This Growing Threat [Updated] and New Report: Severe Flaws in Cyberoam’s Firewall and VPN Technology Left at Least 86,000 Networks Vulnerable to Exploit. We also examine various topics including advice for getting started with web app pen testing, new security research revealing that Intel’s speculative execution flaws go deeper and are even harder to fix than we thought and how to create encrypted filesystems in Linux using Cryptmount. Happy Monday - and happy reading!

Linux Malware: The Truth About This Growing Threat [Updated] - How to Protect Your Linux System Against Malware and Other Dangerous Attacks If youve been keeping up with security news, you may have noticed that it seems as if there have been an increasing number of attacks on Linux recently - Cloud Snooper, EvilGnome, HiddenWasp, QNAPCrypt, GonnaCry, FBOT and Tycoon serving as prime high-profile examples. This observation is somewhat counterintuitive, as Linux is generally regarded as a highly secure operating system. So what exactly has been going on lately, and are these attacks being blown out of proportion by the media? Is Linux still a viable OS for security-conscious users? LinuxSecurity.com aims to put the recent attacks on Linux into context, provide some background on Linux malware and shed some light on these questions in this article.

New Report: Severe Flaws in Cyberoams Firewall and VPN Technology Left At Least 86,000 Networks Vulnerable to Exploit - A new report published by vpnMentor examines two critical vulnerabilities in cybersecurity provider Cyberoam s firewall and VPN technology, which - both independently and combined - could be exploited by malicious actors to access the companys email quarantine system without authentication and remotely execute arbitrary commands. These flaws were discovered by different security researchers working independently, and have both been patched by Sophos .

  Hyper-threading disabled for VMs (Linux) on Chrome OS (Jun 11)
 

Remember, more than two years ago, when Intels CPUs were exposed to a critical security flaw that practically turned the PC industry on its head? No? No worries. You arent alone.
  Plundering of crypto keys from ultrasecure SGX sends Intel scrambling again (Jun 12)
 

For the past two years, Intel CPUs have been under siege by an unending series of attacks that make it possible for cybercriminals to pluck passwords, encryption keys, and other secrets out of silicon-resident memory. New security research reveals thatIntel's speculative execution flaws go deeper and are even harder to fix than we initially thought.
  Ubuntu opens the door to talking with Linux Mint about Snap (Jun 10)
 

Are you an Ubuntu user? What are your thoughts on how the distro has been dealing with the Chromium web browser in Snap?
  How open source software vulnerabilities create risk for organizations (Jun 9)
 

Security flaws in open source software have increased and can take a long time to be added to the National Vulnerability Database, says RiskSense.
  IBM won’t develop facial recognition tech for mass surveillance anymore (Jun 9)
 

IBM has announced that it wont offer or develop general-purpose facial recognition technology to encourage responsible usage of tech by law enforcement. The company has been a major player in the field for years, offering several solutions.
  Linux and Windows systems targeted by new Tycoon ransomware (Jun 8)
 

Have you heard about the dangerous new ransomware strain dubbed "Tycoon" that is targeting Linux and Windows systems across a number of industries?
  IBM releases toolkit aimed at keeping data encrypted even while in use (Jun 8)
 

IBM's new toolkit, which will soon be available for Linux, aims to give developers easier access to fully homomorphic encryption,a technology that protects sensitive data by allowing for computation and analysis of data while keeping it encrypted.
  Data61's seL4 security enforcement now available to the RISC-V ecosystem (Jun 9)
 

Have you heard that CSIRO has announced the completion of the proof of implementation correctness of the open-source seL4 microkernel for the RISC-V ISA?
  2019 was a record year for OSS vulnerabilities (Jun 9)
 

Total vulnerabilities in OSS more than doubled in 2019 - suggesting that while open-source code is often considered more secure than commercial software,OSS vulnerabilities are on the rise and may be a blindspot for many organizations.