Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.

A Critical Exim Vulnerability, Lilocked Ransomware on the Rise, but Linux Not to Blame - Exim may be the Internets most popular email server, but the MTAs recent history with security vulnerabilities is concerning to say the least. This past Friday, the Exim team warned about a critical flaw in its software , affecting all Exim servers running version 4.92.1 and before. When exploited, the bug enables attackers to run malicious code with root privileges. Exim released version 4.92.2 on Friday, September 6, to address the issue, and recommends that users running a prior version of Exim update immediately.

Which Linux Distros Are Most Focused On Privacy? - With over 200 distros to choose from, which one actually offers the most privacy-oriented experience?

  4 open source cloud security tools (Sep 11)
 

Find and eliminate vulnerabilities in the data you store in AWS and GitHub. Learn more in a great Opensource.com article:
  Mozilla increases browser privacy with encrypted DNS (Sep 10)
 

Are you a Firefox user? Mozilla is increasing browser privacy with encrypted DNS. Learn more:
  Critical TLS flaw opens Exim servers to remote compromise (Sep 10)
 

A critical security vulnerability has been discovered in the Exim mail server that requires admins urgent attention. Learn more about the flaw and how to protect your servers:
  Chrome bumps ineffective EV certificates off the omnibar (Sep 10)
 

Have you heard Google is removing EV certificates from the Chrome omnibar? Get the details:
  Chrome 77 released with no EV indicators, contact picker, permanent Guest Mode (Sep 11)
 

Chrome 77 has been released with no EV indicators, contact picker or permanent Guest Mode. Learn more about Chrome 77, which is available for Linux users:
  Why the founder of Apache is all-in on blockchain (Sep 13)
 

In this great OpenSource.com article, Brian Behlendorf talks about starting Apache, the tension between pragmatism and idealism, and why hes excited about blockchain:
  Mozilla Private Network VPN gives Firefox another privacy boost (Sep 13)
 

Is this weeks test pilot launch of Mozilla Private Network bethe moment browser VPNs finally become a must-have privacy feature? Learn more in an interesting Naked Security article:
  Mozilla pilots its VPN service for Firefox desktop users in the US (Sep 11)
 

Are you a Firefox user? Mozilla is officially launching its Firefox Private Network VPN service for desktop users in the US. Learn more in a great The Next Web article:
  Google discloses vulnerability in Chrome OS 'built-in security key' feature (Sep 12)
 

Are you a Chromebook user? If so, make sure you have updated to Chrome OS 75 or laterto receive a fix for a vulnerability in a "built-in security key" feature. Learn more:
  How Cloud-Based Automation Can Keep Business Operations Secure (Sep 16)
 

Cloud computing has the potential to greatly improve an organization's security posture; however, many companies have the tendency to become overly-reliant on cloud computing services like Amazon Web Services to oversee all aspects of security, instead of taking full responsibility for their data security. Learn more:
  Google fixes Chromebook 2FA flaw in ‘built-in security key’ (Sep 16)
 

Are you a Chromebook user? Google has discovered a serious flaw in a Chromebook security feature which allows owners to press their devices power button to initiate U2F two-factor authentication (2FA). Learn more: