Thank you for reading our Linux Security Week newsletter! In this weekly newsletter, we strive to provide readers with a comprehensive overview of the week's most relevant open source security news. We want to provide you with the type of content you are interested in, and would love to hear your thoughts on this week's articles.
Today’s newsletter highlights our two most recent feature articles: Secure Linux Hosting for Businesses and What Is Threat Intelligence? We also examine various topics including a new Linux kernel security update available to RHEL and CentOS 7 users fixing several vulnerabilities affecting the Intel graphics drivers, and the release of Firefox 89.0.1 to fix various bugs and regressions affecting Linux systems. Happy Monday - and happy reading!
Yours in Open Source,
LinuxSecurity.com Feature Extras:
Secure Linux Hosting for Businesses - Linux prevails as the most popular OS among hosting providers - and for good reason. Linux is secure by design , cost-efficient, compatible with the majority of key programming languages used worldwide and offers high levels of customization.
What Is Threat Intelligence? - Threat intelligence (or threat intell) is information used to understand past, present, and future threats targeting an organization. It is evidence-based knowledge about a previous, existing or emerging threat to organizational assets.
To tackle the growing threat of attacks on the software supply chain, Google has proposed the Supply chain Levels for Software Artifacts framework, or SLSA which is pronounced "salsa". Can Google's 'salsa' make life harder for supply chain attackers? Comment below - we want to hear what you think!
Uptycs ' threat research team has observed several instances of Linux malware where attackers leverage the inbuilt commands and utilities for a wide range of malicious activities. This article explores Linux commands and utilities commonly used by attackers and how you can use Uptycs EDR detection capabilities to find if these have been used in your environment.
A seven-year-old Linux local privilege escalation bug has reared its head and finally gotten a fix. When it was available, exploiting the vulnerability in the polkit authentication service could have allowed attackers to get a root shell on several actively-used Linux distros including RHEL 8, Fedora 21 or later and Ubuntu 20.04. Patch now!
Security teams running Linux servers now have access to UChecker , a new tool offered as part of CloudLinuxs TuxCare security services that runs scans on Linux servers to detect outdated shared libraries on both disk and in memory.
Linux Mint 20.2 "Uma" beta ISOs are undergo testing and are due soon. As with the other versions in the Linux Mint 20.x series, this update will be supported until April/May of 2025. Once security updates stop, you wont be safe - especially if you connect to the Internet with the device.