Tag: open-source
-
Forscher finden Schwachstellen in Passwort-Managern
by
in SecurityNewsBei einer Open-Source-Codeanalyse hat das BSI die Passwort-Manager Vaultwarden und KeePass auf Sicherheitseigenschaften untersucht mit ungleichen Erge… First seen on heise.de Jump to article: www.heise.de/news/Passwort-Manager-BSI-berichtet-ueber-kritische-Schwachstellen-in-Vaultwarden-9982427.html
-
Qualcomm Urges OEMs to Patch Critical DSP and WLAN Flaws Amid Active Exploits
by
in SecurityNewsQualcomm has rolled out security updates to address nearly two dozen flaws spanning proprietary and open-source components, including one that has com… First seen on thehackernews.com Jump to article: thehackernews.com/2024/10/qualcomm-urges-oems-to-patch-critical.html
-
Open-Source Entry Points Targeted for Supply Chain Compromise
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/open-source-entry-points-targeted-for-supply-chain-compromise
-
Attackers deploying red teaming tool for EDR evasion
by
in SecurityNewsThreat actors are leveraging the open-source EDRSilencer tool to evade endpoint detection and response systems, Trend Micro researchers have noticed. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/10/15/edr-evasion-edrsilencer/
-
Command-jacking used to launch malicious code on open-source platforms
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/news/command-jacking-used-to-launch-malicious-code-on-open-source-platforms
-
Forscher finden teils kritische Schwachstellen in Passwort-Managern
by
in SecurityNewsBei einer Open-Source-Codeanalyse hat das BSI die Passwort-Manager Vaultwarden und KeePass auf Sicherheitseigenschaften untersucht mit ungleichen Erge… First seen on heise.de Jump to article: www.heise.de/news/Passwort-Manager-BSI-berichtet-ueber-kritische-Schwachstellen-in-Vaultwarden-9982427.html
-
Sonatype Reports 156% Increase in OSS Malicious Packages
by
in SecurityNewsA new Sonatype report reveals a 156% surge in open source malware, with over 704,102 malicious packages identified since 2019, as OSS adoption continu… First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/156-increase-in-oss-malicious/
-
Open Source Package Entry Points May Lead to Supply Chain Attacks
by
in SecurityNewsEntry points in packages across multiple programming languages are susceptible to exploitation in supply chain attacks. The post Open Source Package E… First seen on securityweek.com Jump to article: www.securityweek.com/open-source-package-entry-points-may-lead-to-supply-chain-attacks/
-
Malicious packages in open-source repositories are surging
by
in SecurityNewsFirst seen on cyberscoop.com Jump to article: cyberscoop.com/open-source-security-supply-chain-sonatype/
-
Navigating the Cybersecurity Risks of Shadow Open-Source GenAI
by
in SecurityNewsGenerative AI is no doubt the leading frontier in AI. Models have captured attention and driven exciting use cases across industries with their abilit… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/10/navigating-the-cybersecurity-risks-of-shadow-open-source-genai/
-
Ubuntu Fixes Multiple PHP Vulnerabilities: Update Now
by
in SecurityNewsMultiple security vulnerabilities were identified in PHP, a widely-used open source general purpose scripting language which could compromise the secu… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/10/ubuntu-fixes-multiple-php-vulnerabilities-update-now/
-
Open Source MFA-Software in neuer Version – privacyIDEA 3.10 ermöglicht Offline-Authentifizierung mit Push-Token
by
in SecurityNewsFirst seen on security-insider.de Jump to article: www.security-insider.de/netknights-veroeffentlicht-privacyidea-3-10-a-c7a945373cc2108f4b3e08b497763c7b/
-
Supply Chain Attacks Exploit Entry Points in Python, npm, and Open-Source Ecosystems
by
in SecurityNewsCybersecurity researchers have found that entry points could be abused across multiple programming ecosystems like PyPI, npm, Ruby Gems, NuGet, Dart P… First seen on thehackernews.com Jump to article: thehackernews.com/2024/10/supply-chain-attacks-exploit-entry.html
-
Open-Source Security Risks Rise as Usage Expands
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/open-source-security-risks-rise-as-usage-expands
-
Open-source security threats surge amid increasing usage
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/open-source-security-threats-surge-amid-increasing-usage
-
YARA: Open-source tool for malware research
by
in SecurityNewsYARA is a powerful tool designed primarily to aid malware researchers in identifying and categorizing malware samples, though its applications are bro… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/10/09/yara-open-source-tool-malware-research/
-
23 Top Open Source Penetration Testing Tools
by
in SecurityNewsSecurity professionals heavily rely on penetration testing tools for network security. Review and compare 23 of the best open-source pen testing tools… First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/applications/open-source-penetration-testing-tools/
-
How open source SIEM and XDR tackle evolving threats
by
in SecurityNewsEvolving threats require security solutions that match the sophistication of modern threats. Learn more about how Wazuh, the open-source XDR and SIEM,… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/how-open-source-siem-and-xdr-tackle-evolving-threats/
-
JFrog and GitHub unveil open source security integrations
by
in SecurityNewsSecure software specialist JFrog is working with code development service GitHub to integrate the onboard capabilities of its Software Supply Chain Pl… First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366609897/JFrog-and-GitHub-unveil-new-open-source-security-integrations
-
Open-Source Scanner Released to Detect CUPS Vulnerability
by
in SecurityNewsA new open-source scanner has been released to detect a critical vulnerability in the Common Unix Printing System (CUPS), explicitly targeting CVE-202… First seen on gbhackers.com Jump to article: gbhackers.com/open-source-scanner-released-to-detect-cups-vulnerability/
-
Rspamd: Open-source spam filtering system
by
in SecurityNewsRspamd is an open-source spam filtering and email processing framework designed to evaluate messages based on a wide range of rules, including regular… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/10/07/rspamd-open-source-spam-filtering/
-
MaLDAPtive: Open-source framework for LDAP SearchFilter parsing, obfuscation, and more!
by
in SecurityNewsMaLDAPtive is an open-source framework for LDAP SearchFilter parsing, obfuscation, deobfuscation, and detection. At its core, the project features a c… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/10/04/maldaptive-open-source-framework-for-ldap-searchfilter-parsing-obfuscation/
-
Recently patched CUPS flaw can be used to amplify DDoS attacks
by
in SecurityNewsA recently disclosed vulnerability in the Common Unix Printing System (CUPS) open-source printing system can be exploited by threat actors to launch d… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/recently-patched-cups-flaw-can-be-used-to-amplify-ddos-attacks/
-
CUPS vulnerability, a near miss, delivers another warning for open source
by
in SecurityNewsFirst seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cups-vulnerability-near-miss-open-source/728424/
-
2024’s Best Open Source Cybersecurity Tools
by
in SecurityNewsThere’s a prevailing myth that top-notch security solutions must come with a hefty price tag. Yet, this isn’t necessarily the case. Open-source tools … First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/10/2024s-best-open-source-cybersecurity-tools/
-
Suricata: Open-source network analysis and threat detection
by
in SecurityNewsSuricata is an open-source network intrusion detection system (IDS), intrusion prevention system (IPS), and network security monitoring engine. Surica… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/10/02/suricata-open-source-network-analysis-threat-detection/
-
A quartet of Linux CVEs draws exploit fears among open source community
by
in SecurityNewsFirst seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/linux-cves-open-source/728310/
-
Open source maintainers: Key to software health and security
by
in SecurityNewsOpen source has become the foundation of modern application development, with up to 98% of applications incorporating open-source components and open-… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/09/30/open-source-maintainers-video/
-
SCCMSecrets: Open-source SCCM policies exploitation tool
by
in SecurityNewsSCCMSecrets is an open-source tool that exploits SCCM policies, offering more than just NAA credential extraction. SCCM policies are a key target for … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/09/30/sccmsecrets-open-source-sccm-policies-exploitation-tool/
-
Tosint: Open-source Telegram OSINT tool
by
in SecurityNewsTosint is an open-source Telegram OSINT tool that extracts useful information from Telegram bots and channels. It’s suited for security researchers, i… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/09/27/tosint-open-source-telegram-osint-tool/