Thank you for reading our Linux Security Week newsletter! In this weekly newsletter, we strive to provide readers with a comprehensive overview of the week's most relevant open source security news. We want to provide you with the type of content you are interested in, and would love to hear your thoughts on this week's articles.

Today’s newsletter highlights our two most recent feature articles: CrowdSec: An Innovative Open-Source Massively Multiplayer Firewall for Linux and How To Secure the Linux Kernel. We also examine various topics including the release of LibreOffice 7.1 with an array of new features and improvements and a new critical rated Linux\Unix vulnerability you can't afford to ignore. Happy Monday - and happy reading!

Yours in Open Source,

Brittany Signature 150

LinuxSecurity.com Feature Extras:

CrowdSec: An Innovative Open-Source Massively Multiplayer Firewall for Linux - CrowdSec is a massively multiplayer firewall designed to protect Linux servers, services, containers, or virtual machines exposed on the Internet with a server-side agent. It was inspired by Fail2Ban and aims to be a modernized, collaborative version of that intrusion-prevention tool.

How To Secure the Linux Kernel - This article will examine the importance of robust kernel security and explore various measures that administrators can take to secure the Linux kernel and protect their systems from malware and other exploits.

  New Chrome Browser 0-day Under Active Attack—Update Immediately! (Feb 5)
 

Google has patched a zero-day vulnerability in its widely used Chrome web browser for desktop that it reports is being actively exploited in the wild. Patches have been release for Linux, Windows and Mac - update immediately!
  Open source: Google wants new rules for developers working on 'critical' projects (Feb 5)
 

If your open-source software project is deemed "critical", you could be facing a lot more work and responsibility in the future. Some of Google's top engineers have proposed new 'norms' that they feel could help secure "critical" open-source projects.
  GnuPG crypto library can be pwned during decryption – patch now! (Feb 1)
 

A serious flaw in the GnuPG crypto library can be pwned during decryption, potentially resulting in Remote Code Execution (RCE). Patch now!
  Secure to the core: IoT Ubuntu Core Linux 20 released (Feb 3)
 

Ubuntu Core 20 - the latest embedded Ubuntu Linux - makes a particular point of securing the OS against all attackers.
  Countless emails wrongly blocked as spam after Cisco's SpamCop failed to renew domain name at the weekend (Feb 2)
 

SpamCop - Cisco's anti-spam service - failed to renew spamcop.net over the weekend, causing it to lapse and resulting in countless messages being falsely labeled and rejected as spam around the world.
  New Cryptojacking Malware Targeting Apache, Oracle, Redis Servers (Feb 1)
 

The evasive new Pro-Ocean cryptojacking malware is sidestepping security defenses and targeting Apache, Oracle and Redis servers.
  A New Linux Malware Targeting High-Performance Computing Clusters (Feb 3)
 

Kobalos - A devious new Linux malware - targets high-performance supercomputers and enables attackers to execute arbitrary commands on systems remotely.
  AlmaLinux, the CentOS Linux replacement, beta is out (Feb 2)
 

AlmaLinux - the enterprise-level Linux distro created as an alternative to CentOS - has been released in beta with most RHEL packages. Get the detais on this release.
  CrowdSec - an open-source massively multiplayer for Linux (Feb 4)
 

CrowdSec is (and will always remain) an open-source & free security solution able to analyze visitor behavior & provide an adapted response to all kinds of attacks. The solution also enables users to protect each other. Each time an IP is blocked, all community members are informed so they can also block it. 
  The open-source Magma project will become 5G's Linux (Feb 4)
 

Facebook's Magma brings open-source mobile cores to carrier-grade LTE and 5G. Moving ahead, Magma will run with the Linux Foundation using a vendor-neutral governance framework.
  LibreOffice 7.1 Open-Source Office Suite Officially Released, This Is What’s New (Feb 8)
 

The Document Foundation has released the LibreOffice 7.1 open-source and cross-platform office suite for all supported platforms - a major release that introduces an array of new features and improvements.
  The Linux Flaw you can’t afford to Ignore (CVE-2021-3156) (Feb 8)
 

Like any OS, Linux and Unix OSes require regular patching - but as security professionals, ethical hackers, and criminal hackers will tell you, regular Linux and Unix patching is often neglected. Learn about a new critical rated Linux\Unix vulnerability you can't afford to ignore.