Monthly TuxCare Update – December 2021
Welcome to the December installment of our monthly news round-up, bought to you by TuxCare. We’re proud to be the Enterprise Linux industry’s trusted maintenance services provider. Our live patching solutions minimize your maintenance workload and system disruption while at the same time maximizing security and system uptime.
We hope you had a great holiday break and are looking forward to an exciting and hopefully disruption-free 2022. In this latest monthly overview, we’ll begin as usual with a round-up of the latest CVEs that the TuxCare Team has patched for you. We’ll also bring you the latest news, advice, and valuable tips.
CVEs Disclosed in December
CVE 2021-45078 was identified by the Extended Lifecycle Support team. This vulnerability allows for memory corruption and denial of service under specific conditions of binutils functionality, which, in turn, is used by multiple other packages. The fix for the vulnerability is already available.
Also, in the latest batch of updates released by the Extended Lifecycle Support team for the supported Linux distributions, over 90 CVEs were fixed in GNU Binutils.
Enterprise Linux Security Video Podcasts
The TuxCare team’s Enterprise Linux Security podcast continues to offer in-depth topical explanations for the latest hot topics and foundational concepts. Co-hosted by Learn Linux TV’s Jay LaCroix and TuxCare’s very own Joao Correia, there are five new episodes available to view this month.
You can watch the tenth episode where Joao and Jay discuss the worst healthcare breaches of 2021, and some lessons that can be learned from these events here: Enterprise Linux Security Episode 10 – The worst healthcare breaches of 2021 – YouTube
In the eleventh episode, Joao and Jay are joined by Philippe Humeau to discuss the CrowdSec application that Philippe manages as CEO. This is a free application that provides an additional layer of security against intrusions using shared intelligence to enhance protection. You can view the video here: Enterprise Linux Security Episode 11 – CrowdSec – YouTube
In the twelfth episode, Joao and Jay discuss the suspected Ubiquiti data breach and the latest news that it may well have been an insider attack. You can view the video here: Enterprise Linux Security Episode 12 – An Inside Job? – YouTube
Also available is a thirteenth episode where Joao and Jay discuss the implications of the Log4Shell vulnerability and offer advice for keeping your Linux systems secure here: Enterprise Linux Security Episode 13 – Log4Shell – YouTube
Finally, in a bumper month for video output, a fourteenth episode sees Joao and Jay discuss disaster recovery processes and post-incident actions here: Enterprise Linux Security Episode 14 – Recovering from Disaster – YouTube
These video podcasts discussing Linux security issues are essential viewing for anyone involved in managing Linux-based enterprise systems.
This month has seen another high-profile, successful ransomware attack. This time payroll software providers UKG suffered significant system disruption that has a knock-on effect on its many customers. It’s anticipated that full recovery of the affected systems will take several weeks, which is definitely the last thing UKG’s system admins wanted just before Christmas.
This incident is a timely reminder that hackers can attack your servers at any time. If successful, it can leave you with the headache of stopping the attack, undoing all the damage they caused, and restoring systems into operation. Having secure backups that cannot be affected by malware is essential for successful recovery.
You can read more about this in our blog post: How Ransomware can ruin Christmas for IT Teams.
The critical message is to keep on top of your security risks and make sure you have them covered. Close the security gaps and stay alert. The attackers only need to be lucky once to break through defences.
An essential security control is having proper patching in place with, as a minimum, a fast installation schedule but better still live patching. In addition, if you still use end-of-life systems, make sure you have Extended Lifecycle Support that provides patching for these older systems.
LINUX KERNEL CVE DATA ANALYSIS
The data format used in our CVE repositories has changed, so we’ve updated the series of articles that cover Linux Kernel CVE Data Analysis here.
These articles are aimed at anyone interested in Linux security, kernel vulnerabilities, or those of you simply with spare time who would like to run some tests. We’ve provided an updated version of a methodology with revised instructions for extracting data from CVE repositories so you can create your own statistical analysis on Kernel vulnerabilities.