LinuxSecurity.com

LibreOffice 7.2.2 has been released as the second maintenance update to the latest and greatest LibreOffice 7.2 open-source office suite series, and comes with 68 bug fixes. Update now!

The Linux Foundation has raised $10 million in new investments to expand and support its Open Source Security Foundation project. ''This industrywide commitment is answering the call from the White House to raise the baseline for our collective cybersecurity well-being, as well as ''paying it forward' to open source communities to help them create secure software from which we all benefit,'' Jim Zemlin, executive director at the Linux Foundation, said in a statement. ''With the tremendous growth and pervasiveness of open source software, building cybersecurity practices and programs that scale is our biggest task at hand.''

Vulnerabilities in the life cycle of open-source software development can start from tiny crumbs but grow into substantial issues. This week's KubeCon + CloudNativeCon North America in-person and virtual conference put security for open-source development back in the spotlight while also talking up cloud native's rapid rise. Here are the highlights you should know about.

Ubuntu Frame - a new Ubuntu Linux Internet of Things distro - is designed specifically for digital signs and user kiosks, and comes with built-in security through secure client-server communications based on the Wayland protocol and automatic notifications on security vulnerabilities .

Debian GNU/Linux 11.1 has been released as the first point release to the latest and greatest Debian GNU/Linux 11 ''Bullseye'' OS series, featuring 24 security updates and 75 bug fixes.

LibreOffice and OpenOffice have pushed updates to address a vulnerability that makes it possible for an attacker to manipulate documents to appear as signed by a trusted source. "Allowing anyone to sign macro-ridden documents themselves, and make them appear as trustworthy, is an excellent way to trick users into running malicious code."

The newly discovered FontOnLake malware family delivers backdoor and rootkit components to infect Linux systems concealed in legitimate binaries.

Learn about a unique and effective method of securing SSH to help lock down your Linux servers.

A high-severity code injection vulnerability has been disclosed in 23andMe's Yamale, a schema and validator for YAML, that could be trivially exploited by adversaries to execute arbitrary Python code.The flaw, tracked as CVE-2021-38305 (CVSS score: 7.8), involves manipulating the schema file provided as input to the tool to circumvent protections and achieve code execution.

Developers behind the Apache HTTP Server Project are urging users to apply a fix immediately to resolve a zero-day vulnerability.

The first Arch Linux ISO image powered by the latest and greatest Linux 5.14 kernel series has been released with much-improved EXT4 and F2FS filesystems, the core scheduling functionality to better protect you against some of those nasty Spectre vulnerabilities, and more!

The Secure Open Source (SOS) Rewards pilot program, run by the Linux Foundation, will reward developers with potentially more than $10,000 for enhancing the security of critical open-source software.

Exclusive Interview with CrowdSec CEO Philippe HumeauWith the widespread adoption of cloud and container infrastructure, protecting servers, services, containers and virtual machines exposed on the Internet with a reliable, intelligent intrusion prevention system is more important than ever. Cloud-native environments foster rapid growth and innovation, but also introduce an element of added complexity, along with new security challenges.

It has been discovered that the RansomExx ransomware gang does not correctly lock Linux files during encryption, leading to potentially corrupted files.

Security researcher and Linux kernel contributor Alexander Popov has proposed a new kernel option called "pkill_on_warn" that would kill all threads in a process if that process provoked a kernel warning. This wouldn't change the default kernel behavior but if/when the patch is merged, booting the kernel with pkill_on_warn=1 would enable this new behavior to kill processes causing kernel warnings.

An Ubuntu Linux kernel security update fixes 12 security vulnerabilities affecting the Linux 5.4 LTS kernel in Ubuntu 20.04 LTS and Ubuntu 18.04 LTS systems, as well as the Linux 5.11 kernel in Ubuntu 21.04 systems on all supported architectures and platforms.

Generating much excitement back in 2018 was bpfilter for the potential to better Linux's firewall and packet filtering by making it more robust and performance. Recently work on this BPF-based firewall solution was renewed and the performance potential over iptables and nftables is looking very good for the future with more feature work planned around new matches and targets, containers integration, in-place upgrades support, privilege separation, and BPF code optimization support.

Are you concerned by the rise in Linux malware? Worried about your online presence? Then maybe it's time to go for one of the secure, privacy-focused Linux distros introduced in this article.

With the modern ways of storing and sharing information, businesses face multiple challenges in protecting their online assets. An institution's sensitive information is at risk; thus it becomes important for them to conduct a thorough IT security audit.

Most Linux distros are currently coming up short from offering adequate security around full disk encryption and authenticated boot. Prominent Linux developer Lennart Poettering even argues that your data is "probably more secure if stored on current ChromeOS, Android, Windows or macOS devices."