Thank you for subscribing to our Linux Security Week newsletter! In this weekly newsletter, we strive to provide readers with a comprehensive overview of the week’s most relevant open source security news. We want to provide you with the type of content you are interested in, and would love to hear your thoughts on this week's articles.


Today’s newsletter highlights our two most recent feature articles: Open Source Intelligence, Security Hacking, and Security Blogger Dancho Danchev and Know Your Enemy: Honeynets. We also examine various topics including a bug bounty program which offers hackers up to $100,000 if they are able to break the security of Microsoft’s Azure Sphere OS, a recent GoDaddy hack, how to monitor and administer Linux servers via a web browser using Cockpit and how to properly secure sysctl on Linux - explained in a helpful tutorial.  Happy Monday - and happy reading!

Open Source Intelligence, Security Hacking, and Security Blogger Dancho Danchev - Open Source Intelligence (OSINT), is a tactic used to learn about information relevant to protecting an organization from external and internal threats using publically accessible data. Being able to identify information that could potentially be used against an organization provides actionable insight that could reduce the risk that organization may face. Its an early warning system used to forecast and signal a potential threat.

Know Your Enemy: Honeynets - Honeynets are an invaluable offensive security tool for learning the tactics and motives of the blackhat community and sharing the information and insights gathered. This article will explore what a Honeynet is, its value, how it works and the risks involved with deploying a Honeynet.

  Mozilla’s handy new Firefox extension generates burner email addresses on-demand (May 4)
 

Are you a Firefox user? Have you heard that Mozilla has launched a new email relay service called Firefox Private Relay ?The idea is toprovide an email alias wherever a company or a service asks for your email address, so that you can avoid giving out your actual address and protect your identity.
  Ubuntu 20.04: Welcome to the future, Linux LTS disciples (May 4)
 

With the release of Ubuntu 20.04, ZFS gets more accessible, security becomes a bigger priority, and Ubuntu speeds up overall.
  New Kaiji malware targets IoT devices via SSH brute-force attacks (May 7)
 

Another dangerous strain of malware targeting Linux servers has been identified. Dubbed Kaiji, this variant was developed for the sole purpose of launching DDoS attacks.
  Microsoft offers $100,000 to hack its custom Linux OS (May 6)
 

Microsoft is offering hackers up to $100,000 if they can break the security of the companys custom Linux OS. The software giant built a compact and custom version of Linux last year for its Azure Sphere OS, which is designed to run on specialized chips for its Internet of Things (IoT) platform. The OS is purpose-built for this platform, ensuring basic services and apps run isolated in a sandbox for security purposes.
  Microsoft offers bug hunters $100K to hack its Linux smart home software (May 8)
 

Researchers have three months to find problems in the software for net-connected devices like baby monitors and refrigerators.
  Firefox update offers better password security and proper Zoom support (May 5)
 

Do you use Firefox as your web browser? Have you heard that the latest version of Firefox will now alert you of security breaches and protect your saved passwords?
  GoDaddy suffers hack of SSH credentials (May 8)
 

Have you heard that GoDaddy has admitted customer usernames and passwords for connecting remotely to Linux servers via SSH have been compromised, forcing providers to reset passwords on 28,000 accounts?
  Black Hat USA and DEF CON Cancelled Due to #COVID19 (May 11)
 

Both Black Hat USA and DEF CON have been cancelled due to COVID-19, turning a notorious DEF CON joke on its head.