Thank you for subscribing to our Linux Security Week newsletter! In this weekly newsletter, we strive to provide readers with a comprehensive overview of the week’s most relevant open source security news. We want to provide you with the type of content you are interested in, and would love to hear your thoughts on this week's articles.


Today’s newsletter highlights our two most recent feature articles: Know the Enemy: Upgrade Your Threat Detection Strategy with Honeynets and New Report: Severe Flaws in Cyberoam’s Firewall and VPN Technology Left at Least 86,000 Networks Vulnerable to Exploit. We also examine various topics including a dangerous new strain of Linux ransomware dubbed “Tycoon” and a new toolkit released by IBM - which will soon be available for Linux - that aims to give developers easier access to fully homomorphic encryption, a technology that protects sensitive data by allowing for computation and analysis of data while keeping it encrypted. Happy Monday - and happy reading!

New Report: Severe Flaws in Cyberoams Firewall and VPN Technology Left At Least 86,000 Networks Vulnerable to Exploit - A new report published by vpnMentor examines two critical vulnerabilities in cybersecurity provider Cyberoam s firewall and VPN technology, which - both independently and combined - could be exploited by malicious actors to access the companys email quarantine system without authentication and remotely execute arbitrary commands. These flaws were discovered by different security researchers working independently, and have both been patched by Sophos .

Know The Enemy: Upgrade Your Threat Detection Strategy with Honeynets - Honeynets are an invaluable offensive security tool for learning the tactics and motives of the blackhat community and sharing the information and insights gathered. This article will explore what a Honeynet is, its value, how it works and the risks involved with deploying a Honeynet. It will also examine some great open-source honeynet options your organization may wish to consider.

  Lawsuit accuses Google of tracking users in Incognito mode (Jun 3)
 

Are you a Google Chrome user? Have you heard that a proposed class action lawsuit filed against Google is accusing the company of violating federal wiretap laws by tracking users online activities even when theyre in Incognito mode?
  New software security tool to detect bugs in OS (Jun 1)
 

Have you heard about the Universal Serial Bus (USB) - a portable, flexible, and modular framework for fuzz testing USB drivers? It can be used toidentify vulnerabilities in the USB driver stacks of widely used operating systems, including Linux.
  Linus Torvalds rejects 'beyond stupid' AWS-made Linux patch for Intel CPU Snoop attack (Jun 4)
 

After much debate, Linus Torvalds has rejected a controversial patch to address potential leaks of secrets from a CPU's cores.
  Github uncovers malicious ‘Octopus Scanner’ targeting developers (Jun 1)
 

Have you heard about 'Octopus Scanner', a dangerous strain of malware targeting developers on Github? Github has stated: "Since the primary-infected users are developers, the access that is gained is of high interest to attackers since developers generally have access to additional projects, production environments, database passwords, and other critical assets. There is a huge potential for escalation of access, which is a core attacker objective in most cases."
  Why Linux Adoption Skyrocketed in 2020 (Jun 3)
 

Linux has long been considered the underdog of the desktop operating system world; however,Linux adoption is now improving at a rapid pace.
  Cooking up secure code: A foolproof recipe for open source (Jun 4)
 

Thanks to our friends at Help-Net Security for this submission.
  Firefox fixes cryptographic data leakage in latest security update (Jun 4)
 

Have you heard about the cryptographic data leakage in Firefox's latest security update? It has now been fixed. Learn how to check if you have the update - and be sure to install it immediately if you do not.
  Latest BlackArch Linux ISO Adds More Than 150 New Hacking Tools, Linux 5.6 (Jun 2)
 

Are you an ethical hacker or pentester? If so, you'll want to check out the latest BlackArch Linux ISO release, which is now available for download with more than 150 new ethical hacking and penetration testing tools, a new kernel, and many other improvements.
  A new Java-based ransomware targets Windows and Linux (Jun 5)
 

Security researchers have discovered a dangerous new strain of ransomware targeting Linux and Windows systems that uses a Java file format, making it highly difficult to detect before it detonates its file-encrypting payload.
  Ubuntu Linux Overtakes Windows XP, Only Sky Is the Limit Now (Jun 2)
 

Ubuntu is currently the most popular Linuxdistro, andhas recently managed to overtake the Windows XP.
  IBM releases toolkit aimed at keeping data encrypted even while in use (Jun 8)
 

IBM's new toolkit, which will soon be available for Linux, aims to give developers easier access to fully homomorphic encryption,a technology that protects sensitive data by allowing for computation and analysis of data while keeping it encrypted.
  Linux and Windows systems targeted by new Tycoon ransomware (Jun 8)
 

Have you heard about the dangerous new ransomware strain dubbed "Tycoon" that is targeting Linux and Windows systems across a number of industries?