Tag: open-source
-
SCCMSecrets: Open-source SCCM policies exploitation tool
by
in SecurityNewsSCCMSecrets is an open-source tool that exploits SCCM policies, offering more than just NAA credential extraction. SCCM policies are a key target for … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/09/30/sccmsecrets-open-source-sccm-policies-exploitation-tool/
-
Tosint: Open-source Telegram OSINT tool
by
in SecurityNewsTosint is an open-source Telegram OSINT tool that extracts useful information from Telegram bots and channels. It’s suited for security researchers, i… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/09/27/tosint-open-source-telegram-osint-tool/
-
CUPS flaws enable Linux remote code execution, but there’s a catch
by
in SecurityNewsUnder certain conditions, attackers can chain a set of vulnerabilities in multiple components of the CUPS open-source printing system to execute arbit… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cups-flaws-enable-linux-remote-code-execution-but-theres-a-catch/
-
New Mallox Ransomware Linux Variant Attacking Enterprise Linux Servers
by
in SecurityNewsKryptina RaaS, a free and open-source RaaS platform for Linux, initially struggled to attract attention. Still, after a Mallox affiliate’s staging ser… First seen on gbhackers.com Jump to article: gbhackers.com/mallox-llinux-ransomware-attacks/
-
Strengthening Open-Source Security: Effective and Best Practices
by
in SecurityNewsOpen-source security requires a multi-faceted approach due to the transparency of open-source software exposing potential vulnerabilities. Malicious a… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/09/strengthening-open-source-security-effective-and-best-practices/
-
NetAlertX: Open-source Wi-Fi intruder detector
by
in SecurityNewsNetAlertX is an open-source Wi-Fi/LAN intruder detection tool that scans your network for connected devices and alerts you when new or unknown devices… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/09/25/netalertx-open-source-wi-fi-intruder-detector/
-
Open Source C3 Frameworks Used In Red Teaming Assessments Vulnerable To RCE Attacks
by
in SecurityNewsC2 frameworks, crucial for post-exploitation operations, offer open-source alternatives to Cobalt Strike. They streamline the management of compromise… First seen on gbhackers.com Jump to article: gbhackers.com/c3-framework-rce-vulnerability/
-
Open Source C2 Frameworks Used In Red Teaming Assessments Vulnerable To RCE Attacks
by
in SecurityNewsC2 frameworks, crucial for post-exploitation operations, offer open-source alternatives to Cobalt Strike. They streamline the management of compromise… First seen on gbhackers.com Jump to article: gbhackers.com/c2-framework-rce-vulnerability/
-
The Llama is freed: Winamp goes open source after 27 years
by
in SecurityNews
Tags: open-sourceFirst seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/software/the-llama-is-freed-winamp-goes-open-source-after-27-years/
-
Certainly: Open-source offensive security toolkit
by
in SecurityNewsCertainly is an open-source offensive security toolkit designed to capture extensive traffic across various network protocols in bit-flip and typosqua… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/09/23/certainly-open-source-offensive-security-toolkit/
-
Jenkins Penetration Testing
by
in SecurityNewsJenkins is an open-source automation server used for continuous integration (CI) and continuous delivery (CD). It’s built on Java and utilizes a scrip… First seen on hackingarticles.in Jump to article: www.hackingarticles.in/jenkins-penetration-testing/
-
Paid open-source maintainers spend more time on security
by
in SecurityNews
Tags: open-sourcePaid maintainers are 55% more likely to implement critical security and maintenance practices than unpaid maintainers and are dedicating more time to … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/09/23/open-source-maintainers-security/
-
Nextcloud Hub 9 released: New features, more security, updated performance
by
in SecurityNewsNextcloud has launched Nextcloud Hub 9, a significant update to its open-source cloud-based collaboration platform. It introduces several new features… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/09/20/nextcloud-hub-9-released/
-
Open source maintainers underpaid, swamped by security, going gray
by
in SecurityNews
Tags: open-sourceFirst seen on theregister.com Jump to article: www.theregister.com/2024/09/18/open_source_maintainers_underpaid/
-
Open source maintainers, under security pressure, remain largely unpaid after XZ Utils
by
in SecurityNewsA report by Tidelift shows an;equity gap remains;between;open source developers and well-resourced software users who are pushing for higher security … First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/open-source-maintainers-unpaid-xz-utils/727216/
-
Clever ‘GitHub Scanner’ campaign abusing repos to push malware
by
in SecurityNewsA clever threat campaign is abusing GitHub repositories to distribute malware targeting users who frequent an open source project repository or are su… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/clever-github-scanner-campaign-abusing-repos-to-push-malware/
-
CrowdSec: Open-source security solution offering crowdsourced protection
by
in SecurityNewsCrowdsec is an open-source solution that offers crowdsourced protection against malicious IPs. CrowdSec features For this project, the developers have… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/09/18/crowdsec-open-source-crowdsourced-protection/
-
Seven ways to secure open-source software
by
in SecurityNewsFirst seen on scmagazine.com Jump to article: www.scmagazine.com/perspective/seven-ways-to-secure-open-source-software
-
Two QEMU Vulnerabilities Fixed in Ubuntu 24.04 LTS
by
in SecurityNewsRecently, two memory-related flaws were discovered in QEMU, a popular open-source machine emulator and virtualizer. The vulnerabilities, identified as… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/09/two-qemu-vulnerabilities-fixed-in-ubuntu-24-04-lts/
-
Swatting: Open-Source-Entwickler vor laufender Kamera durch Polizei abgeführt
by
in SecurityNews
Tags: open-sourceFirst seen on heise.de Jump to article: www.heise.de/news/Polizeibesuch-im-Linux-Livestream-Open-Source-Entwickler-Opfer-von-Swatting-9873744.html
-
EchoStrike: Generate undetectable reverse shells, perform process injection
by
in SecurityNewsEchoStrike is an open-source tool designed to generate undetectable reverse shells and execute process injection on Windows systems. >>EchoStrike allo… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/09/16/echostrike-reverse-shells-process-injection/
-
Trends and dangers in open-source software dependencies
by
in SecurityNewsA C-suite perspective on potential vulnerabilities within open-source dependencies or software packages reveals that, while remediation costs for depe… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/09/16/open-source-software-dependencies/
-
Polizeibesuch im Linux-Livestream: Open-Source-Entwickler Opfer von Swatting
by
in SecurityNewsFirst seen on heise.de Jump to article: www.heise.de/news/Polizeibesuch-im-Linux-Livestream-Open-Source-Entwickler-Opfer-von-Swatting-9873744.html
-
QEMU 9.1 Released: New Features and Hardware Support
by
in SecurityNewsQEMU, a popular open-source emulator, has launched its latest version, 9.1 with numerous improvements to enhance performance, security, and scalabilit… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/09/qemu-9-1-released-new-features-and-hardware-support/
-
Machine Learning- und KI-Dienste sind angreifbar – Schwachstellen in Open-Source-MLOps-Plattformen
by
in SecurityNewsFirst seen on security-insider.de Jump to article: www.security-insider.de/cyberangriffsrisiken-mlops-jfrog-sicherheitsforschung-a-0deef1cce8b54fd0b912bb23b01a34c0/
-
Open Source Updates Have 75% Chance of Breaking Apps
by
in SecurityNewsFirst seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/open-source-updates-75-breaking/
-
Apache OFBiz Update Fixes High-Severity Flaw Leading to Remote Code Execution
by
in SecurityNewsA new security flaw has been addressed in the Apache OFBiz open-source enterprise resource planning (ERP) system that, if successfully exploited, coul… First seen on thehackernews.com Jump to article: thehackernews.com/2024/09/apache-ofbiz-update-fixes-high-severity.html
-
Chinese APT Groups Continue to Leverage Open-Source and Custom Reconnaissance Tools in Cyber Espionage Campaigns
by
in SecurityNewsThe Natto Thoughts team recently uncovered key insights into the reconnaissance techniques used by Chinese state-sponsored threat actors. A deep dive … First seen on securityonline.info Jump to article: securityonline.info/chinese-apt-groups-continue-to-leverage-open-source-and-custom-reconnaissance-tools-in-cyber-espionage-campaigns/
-
New Loki Backdoor Attacking macOS Systems
by
in SecurityNewsCody Thomas developed Apfell, an open-source macOS post-exploitation framework, in 2018 and evolved into Mythic, a cross-platform framework that addre… First seen on gbhackers.com Jump to article: gbhackers.com/loki-macos-attack/
-
Open Source Tool Allows Voters to Verify Election Results
by
in SecurityNewsThe ElectionGuard project allows anyone, voters, campaign staffers, and election officials, to cryptographically verify ballots, a promise which may b… First seen on darkreading.com Jump to article: www.darkreading.com/data-privacy/open-source-tool-allows-voters-to-verify-election-results