Thank you for reading our Linux Security Week newsletter! In this weekly newsletter, we strive to provide readers with a comprehensive overview of the week's most relevant open source security news. We want to provide you with the type of content you are interested in, and would love to hear your thoughts on this week's articles.

Today’s newsletter highlights our two most recent feature articles: 21Nails: Multiple Critical Vulnerabilities Discovered in Exim Mail Server - Patch Now! and Protect Your WordPress Sites with CrowdSec. We also examine various topics including an important Linux Mint update and a set of dangerous vulnerabilities discovered in the Exim mail server that could result in remote code execution, privilege escalation to root and lateral movement through a victims environment if left unpatched. Happy Monday - and happy reading!

Yours in Open Source,

Brittany Signature 150

LinuxSecurity.com Feature Extras:

21Nails: Multiple Critical Vulnerabilities Discovered in Exim Mail Server - Patch Now! - The Qualys Research Team has discovered multiple critical vulnerabilities in the popular Exim mail server, which they have named 21Nails.  Some of these flaws can be chained together to obtain full remote unauthenticated code execution and gain root privileges.

Protect Your WordPress Sites with CrowdSec - The CrowdSec team is expanding the capabilities of their open-source and free security solution by finalizing the release of its brand new application bouncer on the WordPress marketplace. 

  The 10 Best Linux Server Distributions (May 4)
 

Looking for a reliable and secure Linux server distribution? Here are 10 great choices to consider.
  Linux Mint 18.x reaches end of life, upgrade now (May 3)
 

Mint users: Linux Mint 18.x has reached end of life (EOL). If you are running Linux Mint 18, 18.1, 18.2, or 18.3, your OS will continue to work but youll no longer receive important security updates from the repositories. Update now to  ensure your system remains secure!
  Linux's Technical Advisory Board reports on the UMN 'Hypocrite Commits' patches (May 6)
 

The Linux Foundation Technical Advisory Board reports on what was found in its complete examination of University of Minnesota patches, putting out the fire between the Linux kernel community and the University of Minnesota (UMN).
  How to Configure the Firewall in Ubuntu With UFW (May 3)
 

Want to take your system security to the next level? Learn how to set up a firewall using the ufw command in Ubuntu in this tutorial.
  Putting an Ultra-Tiny Linux Board in a Phone Charger…Eventually (May 7)
 

A project that aims to put an ultra-tiny Linux board in a standard USB wall charger is in the works. Such a device could be installed at a target location and phone home over the Internet, providing a back door into what might be an otherwise secure network.
  Raft of Exim Security Holes Allow Linux Mail Server Takeovers (May 6)
 

A set of dangerous vulnerabilities have been discovered in the Exim mail server. Remote code execution, privilege escalation to root and lateral movement through a victims environment are all on offer for the unpatched or unaware.
  How to set up a CrowdSec multi-server installation (May 4)
 

Learn how to set up a CrowdSec multi-server installation to secure Internet-exposed Linux services, servers, containers, or virtual machines in this tutorial.
  How to integrate Linux Malware Detection and ClamAV for automated malware detection on Linux servers (May 7)
 

Learn how to install both Linux Malware Detection and ClamAV on your Linux systems for a reliable one-two punch of malware and virus prevention in this tutorial.
  10 monitoring tools for Linux system administrators you should know about (May 5)
 

Learn about 10 great Linux system monitoring tools that can improve security, while making your life as an admin easier!
  Understanding Linux File Permissions (May 5)
 

Learn about Linux file permissions and how they can be changed using the  chmod  command in this Linuxize tutorial.