Linux Security Week: March 8th, 2021

Advisories

Linux Security Week: March 8th, 2021

Thank you for reading our Linux Security Week newsletter! In this weekly newsletter, we strive to provide readers with a comprehensive overview of the week's most relevant open source security news. We want to provide you with the type of content you are interested in, and would love to hear your thoughts on this week's articles.

Today’s newsletter highlights our two most recent feature articles: How Secure Is Linux? and Get started with CrowdSec v.1.0.X. We also examine various topics including how you can use croc to easily and securely transfer files and folders between computers and five great Linux distros available for Windows Subsystem for Linux (WSL). Happy Monday - and happy reading!

Yours in Open Source,

Brittany Day Signature


LinuxSecurity.com Feature Extras:

How Secure Is Linux? - This article will examine the key factors that contribute to the robust security of Linux, and evaluate the level of protection  against vulnerabilities and attacks that Linux offers administrators and users.

Get started with CrowdSec v.1.0.X - The official release of CrowdSec v.1.0.X introduces several improvements to the previous version, including a major architectural change: the introduction of a local REST API.


  croc Is A Tool For Resumable, Encrypted File And Folder Transfers Between Computers (Command Line) (Mar 5)
 

croc  is a free and open-source command line tool for secure file transfers between computers. It uses relay-assisted peer-to-peer transactions and end-to-end encryption via password-authenticated key exchange. The program is written in Go and is available for Linux, Windows, macOS and *BSD. Learn about croc's key features and see how easy it is to use croc  to send a file or folder in this Linux Uprising tutorial.

  5 Linux Distros You Can Install in Windows Subsystem for Linux (Mar 5)
 

Want to run Linux on Windows? Check out these five great Linux distros available from the Microsoft Store for Windows Subsystem for Linux (WSL).

  Multiple New Security Issues Hit GRUB Bootloader Around Secure Boot (Mar 3)
 

Last summer, the GRUB bootloader was impacted by  "BootHole" with security issues hitting its UEFI Secure Boot support . Now a new round of GRUB2 vulnerabilities affecting its UEFI Secure Boot support have been made public.

  High severity Linux network security holes found, fixed (Mar 4)
 

Five high severity Linux network security vulnerabiities have been found and fixed. Patch your systems immediately to protect your servers against DoS attacks!

  Go malware is now common, having been adopted by both APTs and e-crime groups (Mar 1)
 

There's been a 2,000% increase of new malware written in Go over the past few years. Many of these malware families are botnets targeting Linux and IoT devices to either install crypto miners or enroll the infected machine into DDoS botnets.

  Why it's time to stop setting SELinux to Permissive or Disabled (Mar 3)
 

Too many admins disable SELinux or set it to Permissive on their data center systems, as opposed to spending the necessary time to make the projects they're working on work with SELinux. Jack Wallen warns that admins are playing with fire by shrugging off SELinux, leaving their OSes weakened and susceptible to attacks.

  Linux Mint's Update Manager To Encourage Users To Apply Security Updates (Mar 1)
 

Linux Mint is working on improving its Update Manager in an effort to encourage users to apply security updates.

  Malicious NPM packages target Amazon, Slack with new dependency attacks (Mar 2)
 

Malicious actors are exploiting a new 'Dependency Confusion' vulnerability to target Amazon, Zillow, Lyft, and Slack NodeJS apps and steal Linux/Unix password files and open reverse shells back to the attackers. 

  Linux Mint May Resort to Windows 10-Style Forced Updates (Mar 2)
 

Linux Mint is considering measures to keep users up-to-date - and Windows 10-style forced updates are not out of the question.

  The Ultimate Guide to Secure, Harden and Improve Performance of Nginx Web Server (Mar 4)
 

Learn how to secure, harden and improve the performance of your Nginx web server in this Tecmint tutorial.

  What's the Best Linux Distro for Enhanced Privacy and Security? (Mar 8)
 

This LinuxSecurity.com feature article was recently featured on the frontpage of Slashdot.  While all Linux 'distros' " or distributed versions of Linux software " are secure by design, certain distros  go above and beyond when it comes to protecting users' privacy and security . We've put together a list of our favorite specialized secure Linux distros and spoken with some of their lead developers to find out first-hand what makes these distros so great.

  Linus Torvalds warns: Watch out for this unusually nasty bug in Linux 5.12 rc1 (Mar 8)
 

Linus Torvalds has warned of a nasty security bug in the first release candidate (RC) of the Linux kernel 5.12, which he has deemed a "double ungood" that can have catastrophic consequences for a computer's filesystem.

Please enable / Bitte aktiviere JavaScript!
Veuillez activer / Por favor activa el Javascript![ ? ]

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.