Thank you for reading our Linux Security Week newsletter! In this weekly newsletter, we strive to provide readers with a comprehensive overview of the week's most relevant open source security news. We want to provide you with the type of content you are interested in, and would love to hear your thoughts on this week's articles.

Today’s newsletter highlights our two most recent feature articles: Introducing Crowdsec: A Modernized, Collaborative Massively Multiplayer Firewall for Linux and Member Profile: My Expedition Through nmap Lab How to get through the NMAP room in Tryhackme. We also examine various topics including the dangerous new cryptocurrency-mining WatchDog botnet targeting both Linux and Windows servers and a severe, persistent security issue and user privacy concern observed in cheap security cameras and baby monitors. Happy Monday - and happy reading!

Yours in Open Source,

Brittany Signature 150

LinuxSecurity.com Feature Extras:

Introducing Crowdsec: A Modernized, Collaborative Massively Multiplayer Firewall for Linux - CrowdSec is a massively multiplayer firewall designed to protect Linux servers, services, containers, or virtual machines exposed on the Internet with a server-side agent. It was inspired by Fail2Ban and aims to be a modernized, collaborative version of that intrusion-prevention tool.

Member Profile: My Expedition Through nmap Lab How to get through the NMAP room in Tryhackme - Thank you to Oyelakin Timilehin Valentina for contributing this article. Our newest member Valentina, a Nigerian cybersecurity professional, recently went through the Tryhackme online learning platform, and shares her experiences, as well as a few quick tips on using nmap.

  Windows and Linux servers targeted by new WatchDog botnet for almost two years (Feb 18)
 

Both Linux and Windows servers are being targeted by the dangerous new WatchDog botnet, which uses exploits to take over servers and mine cryptocurrency.
  Microsoft Azure and Canonical Ubuntu Linux have a user privacy problem (Feb 16)
 

Security advisor Luca Bongiorni spun up an Ubuntu Linux instance on Azure and was extremely annoyed to receive a sales message from a Canonical representative three hours later.  Say what?? Bongiorni openly voiced his frustration, "WHY [did] MICROSOFT FORWARDED TO UBUNTU THAT I SPUN A NEW VM!?!" Customer privacy, what's that?"
  5 Best free to use Linux Server distributions for 2021 (Feb 17)
 

Learn about the selection of excellent - and free! - server distros available to Linux users in 2021.
  Linux 5.11 is out with AMD and Intel improvements (and Linus Torvalds is happy) (Feb 16)
 

Linus Torvalds has released Linux kernel version 5.11 with plenty of support updates for Intel, AMD and Arm-based hardware - and he seems to be content. "In fact, it's a smaller-than-average set of commits from rc7 to final, which makes me happy. And I already have several pull requests lined up for tomorrow, so we're all set for the merge window to start,"  noted Torvalds announcing the release  over the weekend.
  Linux Foundation offers free Node.js class (Feb 19)
 

Node.js is wildly popular - but the open-source JavaScript runtime is not easy to learn. Now is the perfect time to pick it up - the Linux Foundation is offering a free online Node.js  class. 
  Should You Block Connections to Your Network From Foreign Countries? (Feb 15)
 

This LinuxSecurity.com article featured on the frontpage of Slashdot examines the concept of geo filtering and  how it could add a valuable layer of security to your firewall , and explores how the Geolocation for nftables project is leveraging Open Source to provide intuitive, customizable geo filtering on Linux.
  Here’s why you should be wary of installing anything that sets SELinux to permissive (Feb 15)
 

"Considering the irreparable harm that can be inflicted on users targeted by malware on a permissive SELinux environment, we strongly suggest everyone keep it on enforcing unless absolutely necessary." Learn why you should be wary of installing modules and applications that set SELinux to permissive.
  How To Login With A USB Flash Drive Instead Of A Password On Linux Using pam_usb (Fork) (Feb 17)
 

pam_usb  is a PAM module that provides hardware authentication for Linux using ordinary USB flash drives, SD cards, MMC, etc. Learn how to use pam_usb to login with a USB flash drive in this Linux Uprising tutorial.
  How to install PHP 8 on Ubuntu 20.04 LTS Server (Feb 19)
 

Ubuntu users: learn how to instal PHP 8 on your Ubuntu 20.04 LTS server in this Linux Shout tutorial.
  Use WPScan to scan WordPress for vulnerabilities on Kali (Feb 18)
 

Learn how to use WPScan to scan WordPress for vulnerabilities on Kali Linux in this LinuxConfig.org guide.
  To infinity and beyond: Linux and open-source goes to Mars (Feb 22)
 

If all goes well, the first flight on Mars will be made by the Linux-powered Perseverance Mars rover's companion drone helicopter.
  Cheap baby monitors and security cameras – widespread flaw allows remote viewing (Feb 22)
 

New research highlights that cheap baby monitor and security camera vendors prioritize convenience over user security and privacy, building a highly insecure convenience feature that allows anyone to remotely view unencrypted video streams into their products.