Thank you for reading our Linux Security Week newsletter! In this weekly newsletter, we strive to provide readers with a comprehensive overview of the week's most relevant open source security news. We want to provide you with the type of content you are interested in, and would love to hear your thoughts on this week's articles.

Today’s newsletter highlights our two most recent feature articles: Secure Linux Hosting for Businesses and What Is Threat Intelligence? We also examine various topics including how the Necro Python bot is evading traditional security detection by morphing and a new survey revealing how enterprises handle the security concerns of vulnerability detection and patch management. Happy Monday - and happy reading!

Yours in Open Source,

Brittany Signature 150

LinuxSecurity.com Feature Extras:

Secure Linux Hosting for Businesses - Linux prevails as the most popular OS among hosting providers - and for good reason. Linux is secure by design , cost-efficient, compatible with the majority of key programming languages used worldwide and offers high levels of customization. 

What Is Threat Intelligence? - Threat intelligence (or threat intell) is information used to understand past, present, and future threats targeting an organization. It is evidence-based knowledge about a previous, existing or emerging threat to organizational assets. 

  How a malicious bot tries to evade detection by morphing (Jun 7)
 

The Necro Python bot - which targets both Linux and Windows systems - changes its code to evade traditional security detection. Learn the details, and get advice on how to secure your systems.
  Everything You Need to Know About Using Tor Browser on Linux (Jun 7)
 

Want to protect your privacy online? Here's how to get started with Tor browser, a free and open-source web browser that helps you browse the web anonymously.
  As Linux Foundation's Zephyr Project Turns Five, Addressing Constrained Device Challenges is More Important Than Ever (Jun 8)
 

As the Linux Foundation's Zephyr Project celebrates its fifth anniversary, it has become apparent that addressing constrained device security challenges is more critical than ever. Luckily, the Zephyr Project is rising to meet these challenges. Learn how.
  Kali Linux 2021.2 Released for Ethical Hackers with New Tools, Raspberry Pi Improvements (Jun 8)
 

Offensive Security has announced the release of Kali Linux 2021.2 as the latest version of this Debian-based distro for ethical hacking and penetration testing. This release comes with a selection of new tools, and Raspberry Pi improvements. Learn the details.
  MX Linux: A Great Linux Distro Designed with the User in Mind (Jun 9)
 

Looking for s secure, reliable and user-friendly Linux distro? MX Linux is an impressive Linux distro with Xfce desktop environment as the default. It is lightning fast, stable and yet still offers modern versions of the software you might expect from other Linux distros.
  Ring Changed How Police Request Door Camera Footage: What it Means and Doesn’t Mean (Jun 10)
 

Amazon Ring has  announced  that it will change the way police can request footage from millions of doorbell cameras in communities across the country. "Rings small reforms invite  bigger questions: Why does a customer-focused technology company need to develop and maintain a feature for law enforcement in the first place? Why must Ring and other technology companies continue to offer police free features to facilitate surveillance and the transfer of information from users to the government?"
  Vulnerability Detection and Patching: A Survey Of The Enterprise Environment (Jun 9)
 

Detecting vulnerabilities and managing the associated patching is challenging even in a small-scale Linux environment. Scale things up and the challenge becomes almost unsurmountable. There are approaches that help, but these approaches are unevenly applied. Learn what a new survey reveals about how enterprises handle the security concerns of vulnerability detection and patch management.
  Linux system service bug lets you get root on most modern distros (Jun 11)
 

Unprivileged attackers can get a root shell by exploiting an authentication bypass vulnerability in the polkit auth system service installed by default on many modern Linux distributions. This  polkit  local privilege escalation bug (tracked as  CVE-2021-3560 ) was publicly disclosed, and a fix was released on June 3, 2021.
  Google fixes sixth Chrome zero-day exploited in the wild this year (Jun 10)
 

Google has released Chrome 91.0.4472.101 for Windows, Mac, and Linux, fixing 14 security vulnerabilities, including one zero-day vulnerability exploited in the wild (tracked as CVE-2021-30551). This marks the sixth Chrome zero-day exploited in the wild this year.