Tag: open-source
-
Gogs Vulnerabilities Let Attackers Hack Instances And Steal Source Code
by
in SecurityNewsGogs is a standard open-source code hosting system used by many developers. Several Gogs vulnerabilities have been discovered recently by the cybersec… First seen on gbhackers.com Jump to article: gbhackers.com/gogs-vulnerabilities-hack-steal-source-code/
-
Majority of Critical Open Source Projects Contain Memory Unsafe Code
by
in SecurityNewsA CISA analysis in collaboration with international partners concluded most critical open source projects potentially contain memory safety vulnerabil… First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/open-source-projects-memory-unsafe/
-
Week in review: MOVEit auth bypass flaws quitely fixed, open-source Rafel RAT targets Androids
by
in SecurityNewsHere’s an overview of some of last week’s most interesting news, articles, interviews and videos: Progress quietly fixes MOVEit auth bypass flaws (CVE… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/06/30/week-in-review-moveit-auth-bypass-flaws-quitely-fixed-open-source-rafel-rat-targets-androids/
-
CISA’s Flags Memory-Unsafe Code in Major Open Source Projects
by
in SecurityNewsDespite more than 50% of all open source code being written in memory-unsafe languages like C++, we are unlikely to see a massive overhaul to code bas… First seen on darkreading.com Jump to article: www.darkreading.com/application-security/cisa-memory-unsafe-code-open-source-projects
-
Mailcow Mail Server Flaws Expose Servers to Remote Code Execution
by
in SecurityNewsTwo security vulnerabilities have been disclosed in the Mailcow open-source mail server suite that could be exploited by malicious actors to achieve a… First seen on thehackernews.com Jump to article: thehackernews.com/2024/06/mailcow-mail-server-flaws-expose.html
-
Most critical open source projects not using memory safe code
by
in SecurityNewsThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published research looking into 172 key open-source projects and whether they are… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-most-critical-open-source-projects-not-using-memory-safe-code/
-
Zeek: Open-source network traffic analysis, security monitoring
by
in SecurityNewsZeek is an open-source network analysis framework. Unlike an active security device such as a firewall, Zeek operates on a versatile ‘sensor’ that can… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/06/25/zeek-open-source-network-analysis-framework-security-monitoring/
-
Critical bug discovered in open source utility Fluent Bit
by
in SecurityNewsTenable researchers discovered a critical vulnerability, dubbed ‘Linguistic Lumberjack,’ in Fluent Bit, an open source logging utility widely used by … First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366585766/Critical-bug-discovered-in-open-source-utility-Fluent-Bit
-
New IBM Watsonx GenAI focuses on enterprises, governance
by
in SecurityNewsThe veteran tech giant, with deep roots in AI, bases its new AI strategy on open source, multimodel support and helping businesses modernize their cod… First seen on techtarget.com Jump to article: www.techtarget.com/searchenterpriseai/news/366585946/New-IBM-Watsonx-GenAI-tech-focuses-on-enterprises-governance
-
Patched Weeks Ago, RCE Bug in AI Tool Still a ‘Probllama’
by
in SecurityNewsCompanies Eager for Tools Are Putting AI’s Transformative Power Ahead of Security. Hackers targeting a popular open-source project for running artific… First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/patched-weeks-ago-rce-bug-in-ai-tool-still-probllama-a-25611
-
Experts observed approximately 120 malicious campaigns using the Rafel RAT
by
in SecurityNewsMultiple threat actors are using an open-source Android remote administration tool called Rafel RAT to target Android Devices. Check Point Research id… First seen on securityaffairs.com Jump to article: securityaffairs.com/164844/cyber-crime/multiple-threat-actors-used-rafel-rat.html
-
Open-source Rafel RAT steals info, locks Android devices, asks for ransom
by
in SecurityNewsThe open-source Rafel RAT is being leveraged by multiple threat actors to compromise Android devices and, in some cases, to lock them, encrypt their c… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/06/24/android-rafel-rat/
-
Addressing Node.js Vulnerabilities in Ubuntu
by
in SecurityNewsNode.js is an open-source, cross-platform JavaScript runtime environment built on the powerful V8 engine from Chrome. It allows you to run JavaScript … First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/06/addressing-node-js-vulnerabilities-in-ubuntu/
-
Rafel RAT targets outdated Android phones in ransomware attacks
by
in SecurityNewsAn open-source Android malware named ‘Rafel RAT’ is widely deployed by multiple cybercriminals to attack outdated devices, some aiming to lock them do… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/rafel-rat-targets-outdated-android-phones-in-ransomware-attacks/
-
Chinese Hackers Caught Spying on Taiwanese Firms
by
in SecurityNewsEspionage Group Used SoftEther VPN Client to Exploit Targeted Networks. A Chinese state-sponsored group, tracked as RedJuliett, is using open-source V… First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/chinese-hackers-caught-spying-on-taiwanese-firms-a-25603
-
Cilium: Open-source eBPF-based networking, security, observability
by
in SecurityNewsCilium is an open-source, cloud-native solution that leverages eBPF technology in the Linux kernel to provide, secure, and monitor network connectivit… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/06/21/cilium-open-source-ebpf-based-networking-security-observability/
-
Ratel RAT targets outdated Android phones in ransomware attacks
by
in SecurityNewsAn open-source Android malware named ‘Ratel RAT’ is widely deployed by multiple cybercriminals to attack outdated devices, some aiming to lock them do… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ratel-rat-targets-outdated-android-phones-in-ransomware-attacks/
-
Das Ringen um Sicherheit Source- oder proprietäre Software?
by
in SecurityNewsFirst seen on security-insider.de Jump to article: www.security-insider.de/sicherheit-von-open-source-vs-proprietaerer-software-a-8e1df85545b683e197b03d2ef9d997c8/
-
UNC3886 hackers use Linux rootkits to hide on VMware ESXi VMs
by
in SecurityNewsA suspected Chinese threat actor tracked as UNC3886 uses publicly available open-source rootkits named ‘Reptile’ and ‘Medusa’ to remain hidden on VMwa… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/unc3886-hackers-use-linux-rootkits-to-hide-on-vmware-esxi-vms/
-
SELKS: Open-source Suricata IDS/IPS, network security monitoring, threat hunting
by
in SecurityNewsSELKS is a free, open-source, turnkey solution for Suricata-based network intrusion detection and protection (IDS/IPS), network security monitoring (N… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/06/19/selks-open-source-suricata-ids-ips-network-security-monitoring-threat-hunting/
-
Chinese Hackers Used Open-Source Rootkits for Espionage
by
in SecurityNewsUNC3886 Targeted Edge Devices for Persistence, Mandiant Says. A suspected Chinese hacking group used open-source rootkits to ensure persistence on com… First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/chinese-hackers-used-open-source-rootkits-for-espionage-a-25571
-
Multiple OpenJDK Vulnerabilities Addressed in Ubuntu
by
in SecurityNewsOpenJDK, a widely used open-source implementation of Java, recently had several security vulnerabilities patched in Ubuntu. These issues could allow a… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/06/multiple-openjdk-vulnerabilities-addressed-in-ubuntu/
-
Enhancing security through collaboration with the open-source community
by
in SecurityNewsIn this Help Net Security interview, Alan DeKok, CEO at NetworkRADIUS, discusses the need for due diligence in selecting and maintaining open-source t… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/06/18/alan-dekok-networkradius-open-source-software-security/
-
Nicht nur für Windows: Recall erhält Open-Source-Konkurrenz mit Datenschutz-Fokus
by
in SecurityNewsEbenso wie Microsofts Recall erfasst Openrecall regelmäßig Screenshots und macht diese durchsuchbar. Das Projekt will vor allem bei Datenschutz und Si… First seen on golem.de Jump to article: www.golem.de/news/nicht-nur-fuer-windows-recall-erhaelt-open-source-konkurrenz-mit-datenschutz-fokus-2406-185897.html
-
Ghidra: Open-source software reverse engineering framework
by
in SecurityNewsGhidra, a cutting-edge open-source software reverse engineering (SRE) framework, is a product of the National Security Agency (NSA) Research Directora… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/06/17/ghidra-nsa-open-source-software-reverse-engineering-framework/
-
Talos releases new macOS open-source fuzzer
by
in SecurityNewsCompared to fuzzing for software vulnerabilities on Linux, where most of the code is open-source, targeting anything on macOS presents a few difficult… First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/talos-releases-new-macos-fuzzer/
-
YetiHunter: Open-source threat hunting tool for Snowflake environments
by
in SecurityNewsCloud identity protection company Permiso has created YetiHunter, a threat detection and hunting tool companies can use to query their Snowflake envir… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/06/14/snowflake-threat-hunting/
-
Are Open Source Community Databases really a ‘Prudent Choice’
by
in SecurityNews
Tags: open-sourceBy a href=https://www.linkedin.com/in/siddharth-deshmukh-5646534/?originalSubdomain=in target=_blank rel=nofollow noopener>Siddharth Deshmukh, Chi… First seen on thecyberexpress.com Jump to article: thecyberexpress.com/enterprise-editions-databases/
-
How we differentiate ARMO Platform from Open Source Kubescape
by
in SecurityNews
Tags: open-sourceIn this blog post we will be discussing how we differentiate ARMO Platform from Open Source Kubescape. The post blog post we will be discussing how we… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/06/how-we-differentiate-armo-platform-from-open-source-kubescape/