Advisories

Linux Security Week

Get the latest open source security news delivered to your mailbox each week. Our 'Linux Security Week' newsletter summarizes the most notable security issues
and the latest developments within the Linux and open source communities. It is distributed every Monday morning by the editorial staff at Guardian Digital.

Linux Security Week: November 16th, 2020

Linux Security Week: November 16th, 2020

Thank you for subscribing to our Linux Security Week newsletter! In this weekly newsletter, we strive to provide readers with a comprehensive overview of the week’s most relevant open source security news. We want to provide you with the type of content you are interested in, and would love to hear your thoughts on this week's articles.


Today’s newsletter highlights our two most recent feature articles: Wireguard Brings Speed and Simplicity to VPN Technology and Open Source is Revolutionizing Careers in Cybersecurity: What You Need to Know. We also examine various topics including an important Google Chrome update mitigating multiple zero-day vulnerabilities being exploited by attackers, the new PLATYPUS attack targeting Intel SGX users and how to set up a secure FTP server using SSL/TLS on Ubuntu. Happy Monday - and happy reading!

WireGuard Brings Speed and Simplicity to VPN Technology - This article will briefly explore VPN protocols and potential concerns when implementing a VPN, and will dive deeper into the unique benefits that Wireguard offers users.

Open Source is Revolutionizing Careers in Cybersecurity - What You Need to Know - As technology companies are scrambling to meet businesses and consumers evolving needs, one trend has become clearly apparent: Open Source is at the forefront of modern technological innovation, revolutionizing careers available in the field of cybersecurity in the process. 


  Gitpaste-12 Worm Targets Linux Servers, IoT Devices (Nov 9)
 

The newly discovered Gitpaste-12 worm exploits GitHub and Pastebin to house component code, and harbors 12 different initial attack vectors.

  Linux version of RansomEXX ransomware discovered (Nov 9)
 

Security researchers have discovered a Linux version of the human-operated Windows RansomEXX ransomware. This marks the first time that a major Windows ransomware strain has been ported to Linux to aid hackers in their targeted intrusions. 

  CBL-Mariner: Microsoft's internal Linux distribution for Azure first-party services and edge appliances (Nov 12)
 

Microsoft's Linux Systems Group has developed CBL-Mariner, a Linux distro for internal use that is available on GitHub.

  Colossal Intel Update Anchored by Critical Privilege-Escalation Bugs (Nov 11)
 

In a monumental update, Intel has released 40 security advisories, addressing critical- and high-severity flaws across its Active Management Technology, Wireless Bluetooth and NUC products.

  Why Linux Should Factor Into Your Security Strategy (Nov 13)
 

Linux is a  pervasive operating system "and for good reason. Its lightweight, flexible, multi-architecture supportive and open source, all leading to loads of opportunity. Security is one of the main reasons Linux is chosen. In some ways, it can be a more stable and secure base OS to start from, no matter the use case.

  Intel SGX users need CPU microcode patch to block PLATYPUS secrets-leaking attack (Nov 13)
 

The new PLATYPUS attack can be used to access and leak encryption keys and other sensitive information from the Linux kernel's memory or Intel SGX enclaves. In response to PLATYPUS, Linux kernel developers have released a security update that revokes unprivileged access to energy consumption data.

  New Platypus attack can steal data from Intel CPUs (Nov 11)
 

Security researchers have discovered a new attack method dubbed "Platypus" that can extract data from Intel CPUs. Intel has now released microcode updates to prevent malicious actors from exploiting the Intel RAPL mechanism with Platypus.

  How to send Linux application logs to AWS CloudWatch (Nov 10)
 

AWS CloudWatch is a useful monitoring service provided by the AWS cloud. It provides default monitoring for server parameters like CPU Utilization, Network In, Network Out, etc. Learn how to send Linux application logs to AWS CloudWatch in this HowtoForge tutorial.

  How to switch an old Windows laptop to Linux (Nov 10)
 

Dont toss your old Windows laptop " give it a new OS! In the words of security expert Steven Vaughan-Nichols: "Desktop Linux can run on your Windows 7 (and older) laptops and desktops. Machines that would bend and break under the load of Windows 10 will run like a charm. And todays desktop Linux distributions are as easy to use as Windows or macOS."

  How to set up Wireguard VPN on CentOS 8 (Nov 12)
 

Wireguard is an open-source cross-platform VPN implementation that uses state of the art cryptography and provides faster, simpler and more functional VPN tunneling than the IPSec and OpenVPN protocols. Learn how to set up Wireguard on CentOS 8 in this HowtoForge tutorial.

  Setting Up a Secure FTP Server using SSL/TLS on Ubuntu (Nov 16)
 

This tutorial examines how to secure a FTP server using SSL/TLS in Ubuntu 16.04/16.10.

  Google Chrome Update Gets Serious: Homeland Security (CISA) Confirms Attacks Underway (Nov 16)
 

The CISA has confirmed that attackers are exploiting mutiple zero-day vulnerabilities in Google Chrome, and urges Linux, Windows and Mac users to update immediately.

Please enable / Bitte aktiviere JavaScript!
Veuillez activer / Por favor activa el Javascript![ ? ]

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.