Thank you for reading our Linux Security Week newsletter! In this weekly newsletter, we strive to provide readers with a comprehensive overview of the week's most relevant open source security news. We want to provide you with the type of content you are interested in, and would love to hear your thoughts on this week's articles.

Today’s newsletter highlights our two most recent feature articles: How To Encrypt Files on Linux and LinuxSecurity User Survey Results: How Do You Compare?. We also examine various topics including three fifteen-year-old vulnerabilities in the iSCSI kernel subsystem which could lead to local privilege escalation, information leakage and Denial of Service (DoS) conditions, and how Endlessh can help secure SSH servers. Happy Monday - and happy reading!

Yours in Open Source,

Brittany Signature 150

LinuxSecurity.com Feature Extras:

How To Encrypt Files on Linux - In this article, we explore the best and most reliable methods of file encryption on Linux.

LinuxSecurity User Survey Results: How Do You Compare? - Wondering how you compare to other LinuxSecurity users? Want to get to know your fellow community members better? If so, be sure to check out this summary of our User Survey results.

  Fifteen-Year-Old Linux Vulnerability Allows Local Privilege Escalation, Information Leak, and Denial of Service (Mar 23)
 

Researchers  have discovered three vulnerabilities capable of granting attackers root privileges on Linux systems if they are able to gain access through other methods. These bugs, which affect the iSCSI kernel subsystem, have existed for more than 15 years. 
  CentOS 7 and RHEL 7 Receive Important Linux Kernel Security Update, 11 Flaws Patched (Mar 23)
 

CentOS Linux 7 and Red Hat Enterprise Linux (RHEL) 7 are vulnerable to over a dozen kernel bugs. Red Hat has issued an important security update mutigating these flaws - patch now!
  Linus Torvalds on where Rust will fit into Linux (Mar 24)
 

Slowly but surely the Rust language is making its way into Linux. Linus Torvalds and Greg Kroah-Hartman offer their perspective into how they see Rust and Linux working together.
  Apache OpenMeetings 6.0 Released With Security Improvements (Mar 24)
 

Apache OpenMeetings is a popular and free alternative for web conferencing software. The release of  OpenMeetings 6.0 features multiple security improvements. 
  Canonical Releases Another Ubuntu Linux Kernel Security Update to Fix 6 Flaws (Mar 25)
 

Canonical has released another Linux kernel security update for Ubuntu to address six vulnerabilities affecting the Linux 5.8 and 5.4 kernels of several Ubuntu releases. Update ASAP to prevent DoS, information leakage and other security threats.
  Endlessh – SSH tarpit (Mar 22)
 

Endlessh is an SSH tarpit that very slowly sends an endless, random SSH banner. It keeps SSH clients locked up for hours or even days at a time. Learn about Endlessh and how it helps secure SSH servers.
  7 Principles of DevSecOps With Kubernetes (Mar 25)
 

Learn how Kubernetes can be configured and used to satisfy the seven principles for a successful DevSecOps approach using Kubernetes identified in the  Department of Defense Enterprise DevSecOps Reference Design .
  Linus Torvalds weighs in on Rust language in the Linux kernel (Mar 26)
 

Linus Torvalds and Greg Kroah-Hartman have shared their thoughts with ZDNet's Steven J. Vaughan-Nichols about the possibility of new Linux kernel code being written in  Rust "a high performance but memory-safe language  sponsored  by the Mozilla project. 
  An introduction to Kernel Exploitation Part 1 (Mar 27)
 

Im writing this post because I often hear that kernel exploitation is intimidating or difficult to learn. As a result, Ive decided to start a series of basic bugs and exercises to get you started! Prerequisites Knowledge of the Linux command line Knowing how to read and write basic C may be beneficial Being able to debug with the help of a virtual computer or another system Able to install the kernel module compilation build requirements A basic understanding of the difference between userland and kernelland could be helpful Having a basic understanding of assembly can be beneficial for future episodes For this part, I wrote a simple  Linux character device ,  /dev/shell . This driver will take two arguments,  uid  and  cmd , and it will execute the  cmd  command as the specified  uid . To understand how this driver works, Ill explain a few things!    
  How to use semanage and avoid disabling SELinux (Mar 22)
 

Want to make dealing with SELinux considerably easier? Learn about three semanage commands that will help you accomplish this while not disabling the critical security system in this quick tutorial.
  How to identify potentially vulnerable network daemons on your Linux systems (Mar 26)
 

Learn how to use nmap to identify potentially vulnerable network daemons on your Linux systems - and how others might use it for malicious purposes.
  New Bugs Could Let Hackers Bypass Spectre Attack Mitigations On Linux Systems (Mar 29)
 

Cybersecurity researchers have identified two new vulnerabilities in Linux-based OSes that, if successfully exploited, could enable attackers to bypass mitigations for speculative attacks such as  Spectre  and obtain sensitive information from kernel memory.