Tag: open-source
-
Top 20 Best Open-Source SOC Tools in 2025
in SecurityNews
As cyber threats continue to evolve, Security Operations Centers (SOCs) require robust tools to detect, analyze, and respond to incidents effectively. Open-source SOC tools provide cost-effective, customizable, and community-supported solutions for organizations of all sizes. In this article, we’ll explore 20 notable open-source SOC tools for 2025, categorized by their functionalities. What Is An Open-Source…
-
SpotBugs Access Token Theft Identified as Root Cause of GitHub Supply Chain Attack
in SecurityNews
The cascading supply chain attack that initially targeted Coinbase before becoming more widespread to single out users of the “tj-actions/changed-files” GitHub Action has been traced further back to the theft of a personal access token (PAT) related to SpotBugs. “The attackers obtained initial access by taking advantage of the GitHub Actions workflow of SpotBugs, a popular…
-
AI programming copilots are worsening code security and leaking more secrets
in SecurityNews
Tags: access, ai, api, application-security, attack, authentication, best-practice, breach, ceo, ciso, container, control, credentials, cybersecurity, data, data-breach, github, government, incident response, injection, least-privilege, LLM, monitoring, open-source, openai, password, programming, risk, skills, software, strategy, tool, training, vulnerability
Overlooked security controls: Ellen Benaim, CISO at enterprise content management firm Templafy, said AI coding assistants often fail to adhere to the robust secret management practices typically observed in traditional systems. “For example, they may insert sensitive information in plain text within source code or configuration files,” Benaim said. “Furthermore, because large portions of code are…
-
OpenVPN Flaw Allows Attackers Crash Servers and Run Remote Code
in SecurityNews
OpenVPN, a widely-used open-source virtual private network (VPN) software, has recently patched a security vulnerability that could allow attackers to crash servers and potentially execute remote code under certain conditions. The flaw, identified as CVE-2025-2704, affects OpenVPN servers using specific configurations and has been addressed in the newly released version OpenVPN 2.6.14. CVE-2025-2704: Overview The vulnerability is…
-
Apache Traffic Server Flaw Allows Request Smuggling Attacks
in SecurityNews
A critical vulnerability has been discovered in Apache Traffic Server (ATS), an open-source caching proxy server. Identified as CVE-2024-53868, this flaw enables attackers to exploit request smuggling via malformed chunked messages. Users of Apache Traffic Server are urged to upgrade to secure versions of the software immediately to mitigate potential risks. CVE-2024-53868 Details The vulnerability was…
-
Critical Flaw in Apache Parquet Allows Remote Attackers to Execute Arbitrary Code
in SecurityNews
A maximum severity security vulnerability has been disclosed in Apache Parquet’s Java Library that, if successfully exploited, could allow a remote attacker to execute arbitrary code on susceptible instances. Apache Parquet is a free and open-source columnar data file format that’s designed for efficient data processing and retrieval, providing support for complex data, high-performance First seen…
-
Evilginx steals credentials and tricks multi-factor authentication
in SecurityNews
A malicious mutation of the widely used Nginx web server facilitates malicious adversary-in-the-middle attacks. Sophos X-Ops analyzed the criminal potential of Evilginx in a test setup and give tips for protection. Evilginx is malware based on the legitimate and widely used open-source web server Nginx. It can be used to steal usernames, passwords and session tokens, and it offers…
-
Evilginx: The nginx mutation that defeats MFA protection
in SecurityNews
Security researchers at Sophos X-Ops have examined how Evilginx works and the threat it poses. The malware, based on the widely used open-source web server nginx, poses a considerable threat to IT security by enabling targeted adversary-in-the-middle (AitM) attacks, and it can even defeat multi-factor authentication (MFA) in the process.
First seen on it-daily.net. Jump to article: www.it-daily.net/it-sicherheit/cybercrime/evilginx-nginx-mutation-mfa-schutz
-
Open source vs. proprietary software – Only with openness can digital sovereignty succeed in Europe
in SecurityNews
First seen on security-insider.de. Jump to article: www.security-insider.de/open-source-vs-proprietaere-software-peter-ganten-erklaert-a-f5d165ae509d467b552c4dd5d0a58ca2/
-
Open-source malware doubles, data exfiltration attacks dominate
in SecurityNews
There’s been a notable shift in the types of threats targeting software developers, with a total of 17,954 open source malware packages identified in Q1 2025, according …
First seen on helpnetsecurity.com. Jump to article: www.helpnetsecurity.com/2025/04/03/open-source-malware-index-q1-2025/
-
Vulnerabilities Expose Jan AI Systems to Remote Manipulation
in SecurityNews
Vulnerabilities in open source ChatGPT alternative Jan AI expose systems to remote, unauthenticated manipulation. The post Vulnerabilities Expose Jan AI Systems to Remote Manipulation appeared first on SecurityWeek.
First seen on securityweek.com. Jump to article: www.securityweek.com/vulnerabilities-expose-jan-ai-systems-to-remote-manipulation/
-
Mozilla is rolling Thundermail, a Gmail, Office 365 rival
in SecurityNews
Thunderbirds are Pro: Open-source email client to get message hosting, appointment scheduling, more
First seen on theregister.com. Jump to article: www.theregister.com/2025/04/02/thunderbird_pay_services/
-
Guide from Flashpoint – Putting open source intelligence into practice
in SecurityNews
First seen on security-insider.de. Jump to article: www.security-insider.de/digitale-gefahren-reale-folgen-osint-cyberangriffe-a-c892ad92f75c876b04fe1adae49f5b43/
-
Prince Ransomware An Automated Open-Source Ransomware Builder Freely Available on GitHub
in SecurityNews
Tags: attack, cyber, cybercrime, cybersecurity, exploit, github, healthcare, open-source, programming, ransomware, tool
The cybersecurity landscape has witnessed a concerning development with the emergence of “Prince Ransomware,
-
CISA Alerts on Active Exploitation of Apache Tomcat Vulnerability
in SecurityNews
Tags: apache, cisa, cve, cyber, cybersecurity, exploit, flaw, infrastructure, open-source, risk, vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a high-priority alert regarding the active exploitation of CVE-2025-24813, a critical vulnerability within Apache Tomcat. This newly identified flaw poses a significant risk to organizations using affected versions of the popular open-source web server. CVE-2025-24813: Apache Tomcat Path Equivalence Vulnerability CVE-2025-24813, classified as a “Path Equivalence…
-
BlueToolkit: Open-source Bluetooth Classic vulnerability testing framework
in SecurityNews
BlueToolkit is an open-source tool that helps find security flaws in Bluetooth Classic devices. It runs known and custom exploits to test if a device is vulnerable. Right now, …
First seen on helpnetsecurity.com. Jump to article: www.helpnetsecurity.com/2025/04/02/bluetoolkit-open-source-bluetooth-classic-vulnerability-testing-framework/
-
Microsoft Using AI to Uncover Critical Bootloader Vulnerabilities
in SecurityNews
Using the Security Copilot tool, Microsoft discovered 20 critical vulnerabilities in widely deployed open-source bootloaders. The post Microsoft Using AI to Uncover Critical Bootloader Vulnerabilities appeared first on SecurityWeek.
First seen on securityweek.com. Jump to article: www.securityweek.com/microsoft-using-ai-to-uncover-critical-bootloader-vulnerabilities/
-
Sliver Framework Customized Enhances Evasion and Bypasses EDR Detection
in SecurityNews
The Sliver Command & Control (C2) framework, an open-source tool written in Go, has been a popular choice for offensive security practitioners since its release in 2020. However, as detection mechanisms evolve, out-of-the-box Sliver payloads are increasingly flagged by Endpoint Detection and Response (EDR) solutions. Recent research demonstrates how minor yet strategic modifications to the…
-
Legacy devices threaten enterprise security
in SecurityNews
Tags: access, apache, authentication, botnet, bug, cisco, cloud, cve, cyberattack, dns, endpoint, firewall, Hardware, intelligence, Internet, ivanti, lazarus, linux, macOS, network, open-source, password, radius, ransomware, risk, router, sans, service, software, supply-chain, threat, update, vulnerability
Vulnerabilities in old network devices pose a considerable security risk for companies. An analysis by Cisco’s threat intelligence team Talos shows that two of the three vulnerabilities most frequently targeted by attackers in 2024 were found in old network devices. The problem is that manufacturers no longer release patches for them. “This underscores how important it is for outdated components of the…
-
Trend Micro Open Sources AI Tool Cybertron
in SecurityNews
The cybersecurity artificial intelligence (AI) model and agent will help organizations improve threat detection and incident response.
First seen on darkreading.com. Jump to article: www.darkreading.com/cybersecurity-operations/trend-micro-cybertron-open-source-ai
-
New JFrog report warns of security gaps in the software supply chain in the AI era
in SecurityNews
The report also addresses the lack of transparency about code provenance in the software supply chain. Many developers download open-source packages directly from public registries without considering vulnerabilities or risks. Further topics include the challenges posed by “security tool sprawl” and much more.
First seen on infopoint-security.de. Jump to article: www.infopoint-security.de/neuer-jfrog-bericht-warnt-vor-sicherheitsluecken-in-der-software-lieferkette-im-ki-zeitalter/a40356/
-
6 hard-earned tips for leading through a cyberattack, from CSOs who’ve been there
in SecurityNews
Tags: attack, awareness, breach, business, cisco, ciso, control, cyber, cyberattack, cybersecurity, data, group, incident response, infosec, infrastructure, lessons-learned, military, open-source, phishing, phone, privacy, programming, ransomware, security-incident, service, skills, software, strategy, threat, training, update
Develop muscle memory, and patience, through simulations: Authority under crisis is meaningless if you can’t establish followership. And this goes beyond the incident response team: CISOs must communicate with the entire organization, a commonly misunderstood imperative, says Pablo Riboldi, CISO of nearshore talent provider BairesDev. “I find that employee involvement tends to be overlooked during cyberattacks.…
-
Volume of attacks on network devices shows need to replace end of life devices quickly
in SecurityNews
Tags: access, apache, attack, authentication, best-practice, breach, cloud, control, credentials, cve, cyber, dns, endpoint, espionage, exploit, firewall, flaw, government, group, Hardware, infrastructure, injection, Internet, ivanti, lazarus, macOS, monitoring, network, north-korea, open-source, password, risk, router, russia, sans, service, software, threat, tool, update, vulnerability
CVE-2023-1389, a vulnerability in TP-Link Archer AX21 router; CVE-2024-3400, a hole in Palo Alto Networks PAN-OS firewall operating system; CVE-2023-36845, a vulnerability in Juniper Networks Junos OS operating system; CVE-2021-44529, a vulnerability in Ivanti Endpoint Manager Cloud Service Appliance; CVE-2023-38035, a hole in Ivanti Sentry security gateway; CVE-2024-36401, a vulnerability in OSGeo GeoServer; CVE-2024-0012, a vulnerability in Palo Alto Networks PAN-OS…
-
Open source instead of Microsoft – How companies can set up Linux servers cheaply and securely
in SecurityNews
First seen on security-insider.de. Jump to article: www.security-insider.de/open-source-und-linux-statt-windows-a-b4da32bf803c2dc7f035009a3c83d64b/
-
Microsoft uses AI to find flaws in GRUB2, U-Boot, Barebox bootloaders
in SecurityNews
Microsoft used its AI-powered Security Copilot to discover 20 previously unknown vulnerabilities in the GRUB2, U-Boot, and Barebox open-source bootloaders.
First seen on bleepingcomputer.com. Jump to article: www.bleepingcomputer.com/news/security/microsoft-uses-ai-to-find-flaws-in-grub2-u-boot-barebox-bootloaders/