Linux Security Week: June 21st, 2021

Advisories

Linux Security Week: June 21st, 2021

Thank you for reading our Linux Security Week newsletter! In this weekly newsletter, we strive to provide readers with a comprehensive overview of the week's most relevant open source security news. We want to provide you with the type of content you are interested in, and would love to hear your thoughts on this week's articles.

Today’s newsletter highlights our two most recent feature articles: Secure Linux Hosting for Businesses and What Is Threat Intelligence? We also examine various topics including a new Linux kernel security update available to RHEL and CentOS 7 users fixing several vulnerabilities affecting the Intel graphics drivers, and the release of Firefox 89.0.1 to fix various bugs and regressions affecting Linux systems. Happy Monday - and happy reading!

Yours in Open Source,

Brittany Day Signature


LinuxSecurity.com Feature Extras:

Secure Linux Hosting for Businesses - Linux prevails as the most popular OS among hosting providers - and for good reason. Linux is secure by design , cost-efficient, compatible with the majority of key programming languages used worldwide and offers high levels of customization. 

What Is Threat Intelligence? - Threat intelligence (or threat intell) is information used to understand past, present, and future threats targeting an organization. It is evidence-based knowledge about a previous, existing or emerging threat to organizational assets.


  RHEL and CentOS 7 Users Get New Kernel Security Update to Fix Intel Graphics Flaws (Jun 18)
 

RHEL (Red Hat Enterprise Linux)  and CentOS Linux 7 users have received a new Linux kernel security update fixing several vulnerabilities affecting the Intel graphics drivers.

  Firefox 89.0.1 Released to Improve WebRender Performance, Fix Scrollbars on GTK Themes (Jun 18)
 

Mozilla has released Firefox 89.0.1 to fix various bugs and regressions affecting Linux systems. This is a highly recommended update for all users!

  Call for Contributors with Ubuntu/Debian Experience! (Jun 14)
 

Greetings fellow Linux security enthusiasts, Interested in becoming a LinuxSecurity contributor, but need an article topic idea and some guidance to help you get started? 

  Call for Contributors with Knowledge of Linux Firewalls! (Jun 16)
 

Greetings fellow Linux security enthusiasts, Interested in becoming a LinuxSecurity contributor, but need an article topic idea and some guidance to help you get started? 

  Open-source security: Google has a new plan to stop software supply chain attacks (Jun 17)
 

To tackle the growing threat of attacks on the software supply chain, Google has proposed the Supply chain Levels for Software Artifacts framework, or SLSA which is pronounced "salsa". Can Google's 'salsa' make life harder for supply chain attackers? Comment below - we want to hear what you think!

  Linux Commands and Utilities Commonly Used by Attackers (Jun 14)
 

Uptycs ' threat research team has observed several instances of Linux malware where attackers leverage the inbuilt commands and utilities for a wide range of malicious activities. This article explores Linux commands and utilities commonly used by attackers and how you can use  Uptycs EDR detection capabilities  to find if these have been used in your environment.

  Seven Year Old Privilege Escalation Vulnerability Found In Some Linux Distros, Patch Now (Jun 14)
 

A seven-year-old Linux local privilege escalation bug has reared its head and finally gotten a fix. When it was available, exploiting the vulnerability in the polkit authentication service could have allowed attackers to get a root shell on several actively-used  Linux  distros including RHEL 8, Fedora 21 or later and Ubuntu 20.04. Patch now!

  UChecker tool scans Linux servers for outdated libraries (Jun 16)
 

Security teams running  Linux  servers now have access to  UChecker , a new tool offered as part of CloudLinuxs  TuxCare  security services that runs scans on  Linux servers  to detect outdated shared libraries on both disk and in memory.

  Ubuntu Pro launches for Google Cloud (Jun 15)
 

Ubuntu Pro - the premium version of Ubuntu - is now available for Google Cloud users looking for a secure DevOps environment with bug patches and updates guaranteed for 10 years.

  Linux Mint 20.2 beta ISOs undergo testing and are due soon (Jun 15)
 

Linux Mint 20.2 "Uma" beta ISOs are undergo testing and are due soon. As with the other versions in the Linux Mint 20.x series, this update will be supported until April/May of 2025. Once security updates stop, you wont be safe - especially if you connect to the Internet with the device.

  Security-Oriented Alpine Linux 3.14 Released with KDE Plasma 5.22, QEMU 6.0, and More (Jun 17)
 

The security-oriented Alpine Linux distro has been updated to version 3.14, a new stable release featuring KDE Plasma 5.22, QEMU 6.0, and more! 

Please enable / Bitte aktiviere JavaScript!
Veuillez activer / Por favor activa el Javascript![ ? ]

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.