Thank you for reading our Linux Security Week newsletter! In this weekly newsletter, we strive to provide readers with a comprehensive overview of the week's most relevant open source security news. We want to provide you with the type of content you are interested in, and would love to hear your thoughts on this week's articles.

Today’s newsletter highlights our two most recent feature articles: A Linux Admin's Getting Started Guide to Improving PHP Security and Linux Pentesting: What Is It and How Can It Improve Network Security? We also examine various topics including the development of AlmaLinux - CloudLinux's alternative for CentOS - and the Linux Foundation's advice for avoiding future SolarWinds type attacks. Happy Monday - and happy reading!

Yours in Open Source,

Brittany


LinuxSecurity.com Feature Extras:

A Linux Admin's Getting Started Guide to Improving PHP Security - This article will examine how you can configure and run PHP securely to mitigate the risk of attacks and compromise, secure web applications, protect user privacy and maintain a secure and properly functioning Linux web server.

Linux Pentesting: What Is It and How Can It Improve Network Security? - This article will introduce the concept of pentesting to improve and verify network security, explain basic pentesting methodology and explore some excellent pentesting tools, distros and OSes available to Linux users in 2021.


  Linux machines again targeted by hackers with new memory loader (Jan 11)
 

Linux has become a popular target among cybercriminal groups, who have started infecting Linux machines via a fileless malware installation technique that until recently was more commonly used against Windows-based systems.

  SolarWinds defense: How to stop similar attacks (Jan 15)
 

The Linux Foundation has offered suggestions on how we can avoid SolarWinds type attacks in the future. Doing so won't be easy - but it must be done.

  CloudLinux readies CentOS Linux replacement: AlmaLinux (Jan 15)
 

AlmaLinux, CloudLinux's new business Linux distro based on RHEL and CentOS, will be released in the first quarter of 2021.

  This Decade's Most Significant Security Vulnerabilities at a Glance (Jan 14)
 

Thank you to Skynats for contributing this article. This past decade has been plagued with security vulnerabilities. Let's have a look at the top vulnerabilities that have recently crippled the IT world.

  Security-Focused Tails OS Plans To Switch From Xorg To Wayland (Jan 12)
 

Exciting things are in store for Tails OS users in 2021, as the Tails OS team plans to improve some core features of the privacy- and security-focused OS, especially for censorship circumvention.

  StackRox Acquisition By Red Hat Underscores The Significance Of DevSecOps (Jan 12)
 

Red Hat's acquisition of StackRox underscores the growing significance of DevSecOps. "DevSecOps, the best of DevOps and security operations, is becoming a top priority for enterprise customers. StackRox, with its integration with existing DevOps and CI/CD tools, delivers seamless DevSecOps for Kubernetes."

  Microsoft Defender for Linux now has endpoint detection and response security (Jan 13)
 

Microsoft Defender for Linux - Microsoft's server-based Linux security program - is now ready to protect your Linux servers, Windows desktops, and Macs with endpoint detection and response capabilities.

  What must be done to bring Linux to the Apple M1 chip (Jan 14)
 

Linus Torvalds would love to run Linux on an M1-powered Mac, and a crowd-sourced project is trying to port Linux to Apple's newest, but top Linux kernel developer Greg Kroah-Hartman warns that it won't be easy. That being said, "With some luck and a lot of hard work, Linux users may eventually run Linux users' favorite OS on the next-generation of their favorite Apple hardware."

  Nvidia has patched several serious security flaws affecting Windows and Linux devices (Jan 11)
 

Nvidia has patched several serious security vulnerabilities affecting Windows and Linux devices. These flaws could lead to privilege escalation or denial of service if left unpatched.

  5 advanced rsync tips for Linux sysadmins (Jan 13)
 

Linux sysadmins: learn how to use rsync compression and checksums to better manage file synchronization.

  CloudLinux CentOS Replacement Available this Quarter, Named AlmaLinux (Jan 18)
 

A free, community-driven fork of Red Hat Enterprise Linux, AlmaLinux will serve as a drop-in alternative for CentOS. PALO ALTO, Calif., January 12, 2021 -- CloudLinux has named the free CentOS replacement AlmaLinux, which will be available in the first quarter this year.

  Linux Mint fixes screensaver bypass discovered by two kids (Jan 18)
 

The Linux Mint project has patched a security flaw discovered by two kids that could have allowed a threat actor to bypass the OS screensaver and its password and access locked desktops. Linux Mint is now working on adding a setting that will let users disable the on-screen keyboard, which would make mitigating future bugs in this component easier until patches are generally available.