GitHub

Gitleaks: Open-source solution for detecting secrets in your code

Data leak, Don't miss, GitHub, Hot stuff, News, open source, software /

Gitleaks: Open-source solution for detecting secrets in your code 2024-06-27 at 07:37 By Mirko Zorz Gitleaks is an open-source SAST tool designed to detect and prevent hardcoded secrets such as passwords, API keys, and tokens in Git repositories. With more than 15 million Docker downloads, 16,200 GitHub stars, 7 million GitHub downloads, thousands of weekly […]

React to this headline:

Loading spinner

Gitleaks: Open-source solution for detecting secrets in your code Read More »

Developer errors lead to long-term exposure of sensitive data in Git repos

Aqua Security, cybersecurity, data, Don't miss, GitHub, News, open source, report, software, software development /

Developer errors lead to long-term exposure of sensitive data in Git repos 2024-06-26 at 15:01 By Help Net Security Credentials, API tokens, and passkeys – collectively referred to as secrets – from organizations around the globe were exposed for years, according to Aqua Security’s latest research. By scanning the most popular 100 organizations on GitHub,

React to this headline:

Loading spinner

Developer errors lead to long-term exposure of sensitive data in Git repos Read More »

Zeek: Open-source network traffic analysis, security monitoring

cybersecurity, Don't miss, GitHub, Hot stuff, monitoring, network analysis, network monitoring, News, open source, software /

Zeek: Open-source network traffic analysis, security monitoring 2024-06-25 at 07:01 By Mirko Zorz Zeek is an open-source network analysis framework. Unlike an active security device such as a firewall, Zeek operates on a versatile ‘sensor’ that can be a hardware, software, virtual, or cloud platform. This flexibility allows Zeek to quietly monitor network traffic, interpret

React to this headline:

Loading spinner

Zeek: Open-source network traffic analysis, security monitoring Read More »

Cilium: Open-source eBPF-based networking, security, observability

cybersecurity, Don't miss, GitHub, Hot stuff, networking, News, open source, software /

Cilium: Open-source eBPF-based networking, security, observability 2024-06-21 at 07:01 By Help Net Security Cilium is an open-source, cloud-native solution that leverages eBPF technology in the Linux kernel to provide, secure, and monitor network connectivity between workloads. What is eBPF? eBPF is a technology originating from the Linux kernel that allows sandboxed programs to run in

React to this headline:

Loading spinner

Cilium: Open-source eBPF-based networking, security, observability Read More »

SELKS: Open-source Suricata IDS/IPS, network security monitoring, threat hunting

cybersecurity, Don't miss, GitHub, Hot stuff, News, open source, software, Stamus Networks /

SELKS: Open-source Suricata IDS/IPS, network security monitoring, threat hunting 2024-06-19 at 07:33 By Mirko Zorz SELKS is a free, open-source, turnkey solution for Suricata-based network intrusion detection and protection (IDS/IPS), network security monitoring (NSM), and threat hunting. The project is developed and maintained by Stamus Networks. SELKS is an effective production-grade solution for many small

React to this headline:

Loading spinner

SELKS: Open-source Suricata IDS/IPS, network security monitoring, threat hunting Read More »

Ghidra: Open-source software reverse engineering framework

cybersecurity, Don't miss, GitHub, Government, Hot stuff, News, NSA, open source, software /

Ghidra: Open-source software reverse engineering framework 2024-06-17 at 07:01 By Help Net Security Ghidra, a cutting-edge open-source software reverse engineering (SRE) framework, is a product of the National Security Agency (NSA) Research Directorate. The framework features high-end software analysis tools, enabling users to analyze compiled code across various platforms, including Windows, macOS, and Linux. Ghidra’s

React to this headline:

Loading spinner

Ghidra: Open-source software reverse engineering framework Read More »

GitHub Paid Out Over $4 Million via Bug Bounty Program

bug bounty program, GitHub, Vulnerabilities /

GitHub Paid Out Over $4 Million via Bug Bounty Program 2024-06-12 at 15:16 By Eduard Kovacs The code hosting platform GitHub has paid out more than $4 million since the launch of its bug bounty program 10 years ago. The post GitHub Paid Out Over $4 Million via Bug Bounty Program appeared first on SecurityWeek.

React to this headline:

Loading spinner

GitHub Paid Out Over $4 Million via Bug Bounty Program Read More »

Radare: Open-source reverse engineering framework

cybersecurity, Don't miss, GitHub, Hot stuff, News, open source, software /

Radare: Open-source reverse engineering framework 2024-06-10 at 07:32 By Mirko Zorz Radare is an open-source UNIX-like reverse engineering framework and command-line toolset. It can be scripted, modified, and used for batch analysis. “I started the project in 2006 when I was working as a forensic analyst, and I wrote a simple command-line hexadecimal editor to

React to this headline:

Loading spinner

Radare: Open-source reverse engineering framework Read More »

Sniffnet: Free, open-source network monitoring

cybersecurity, Don't miss, GitHub, Hot stuff, monitoring, network monitoring, networking, News, open source, penetration testing, scanning, software /

Sniffnet: Free, open-source network monitoring 2024-06-06 at 07:01 By Mirko Zorz Sniffnet is a free, open-source network monitoring tool to help you easily track your Internet traffic. What sets it apart is its strong focus on user experience. Unlike most network analyzers, Sniffnet is built to be easily usable by everyone, regardless of technical expertise.

React to this headline:

Loading spinner

Sniffnet: Free, open-source network monitoring Read More »

TotalRecall shows how easily data collected by Windows Recall can be stolen

Artificial Intelligence, data security, data theft, Don't miss, GitHub, Hot stuff, Microsoft, News, PoC, Privacy, software, Windows /

TotalRecall shows how easily data collected by Windows Recall can be stolen 2024-06-05 at 13:16 By Zeljka Zorz Ethical hacker Alexander Hagenah has created TotalRecall, a tool that demonstrates how malicious individuals could abuse Windows’ newly announced Recall feature to steal sensitive information. TotalRecall results (Source: Alexander Hagenah) Copilot+ Recall and its security pitfalls On

React to this headline:

Loading spinner

TotalRecall shows how easily data collected by Windows Recall can be stolen Read More »

20 free cybersecurity tools you might have missed

cybersecurity, Don't miss, GitHub, Hot stuff, News, open source, software /

20 free cybersecurity tools you might have missed 2024-06-04 at 07:31 By Help Net Security Free, open-source cybersecurity tools have become indispensable to protecting individuals, organizations, and critical infrastructure from cyber threats. These tools are created through collaborative and transparent efforts, making them affordable and accessible alternatives to proprietary software. Here, you will find a

React to this headline:

Loading spinner

20 free cybersecurity tools you might have missed Read More »

Encrypted Notepad: Open-source text editor

Don't miss, Encryption, GitHub, News, open source, software /

Encrypted Notepad: Open-source text editor 2024-05-31 at 06:33 By Mirko Zorz Encrypted Notepad, an open-source text editor, ensures your files are saved and loaded encrypted with AES-256. With no ads, no network connection required, and no unnecessary features, it’s a tool that simply works. “Like the Windows Notepad app, it has no features besides text

React to this headline:

Loading spinner

Encrypted Notepad: Open-source text editor Read More »

RansomLord: Open-source anti-ransomware exploit tool

cybercrime, Don't miss, GitHub, Hot stuff, News, open source, Ransomware, software /

RansomLord: Open-source anti-ransomware exploit tool 2024-05-29 at 07:01 By Mirko Zorz RansomLord is an open-source tool that automates the creation of PE files, which are used to exploit ransomware pre-encryption. “I created RansomLord to demonstrate ransomware is not invincible, has vulnerabilities and its developers make mistakes and can write bad code just like everyone else,”

React to this headline:

Loading spinner

RansomLord: Open-source anti-ransomware exploit tool Read More »

Chronon: Open-source data platform for AI/ML applications

Airbnb, Don't miss, GitHub, Hot stuff, News, open source, software /

Chronon: Open-source data platform for AI/ML applications 2024-05-27 at 07:01 By Mirko Zorz Chronon is an open-source, end-to-end feature platform designed for machine learning (ML) teams to build, deploy, manage, and monitor data pipelines for machine learning. Chronon enables you to harness all the data within your organization, including batch tables, event streams, and services,

React to this headline:

Loading spinner

Chronon: Open-source data platform for AI/ML applications Read More »

GitHub fixes maximum severity Enterprise Server auth bypass bug (CVE-2024-4985)

Don't miss, enterprise, GitHub, Hot stuff, News, software development, vulnerability /

GitHub fixes maximum severity Enterprise Server auth bypass bug (CVE-2024-4985) 2024-05-23 at 13:16 By Zeljka Zorz A critical, 10-out-of-10 vulnerability (CVE-2024-4985) allowing unrestricted access to vulnerable GitHub Enterprise Server (GHES) instances has been fixed by Microsoft-owned GitHub. Fortunately, there is a catch that may narrow down the pool of potential victims: instances are vulnerable to

React to this headline:

Loading spinner

GitHub fixes maximum severity Enterprise Server auth bypass bug (CVE-2024-4985) Read More »

Critical Authentication Bypass Resolved in GitHub Enterprise Server

GitHub, Vulnerabilities, vulnerability /

Critical Authentication Bypass Resolved in GitHub Enterprise Server 2024-05-22 at 16:01 By Ionut Arghire Critical vulnerability in GitHub Enterprise Server allows unauthenticated attackers to obtain administrative privileges. The post Critical Authentication Bypass Resolved in GitHub Enterprise Server appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Loading spinner

Critical Authentication Bypass Resolved in GitHub Enterprise Server Read More »

Authelia: Open-source authentication and authorization server

authentication, cybersecurity, Don't miss, GitHub, Hot stuff, News, open source, OpenSSF, software /

Authelia: Open-source authentication and authorization server 2024-05-22 at 07:33 By Mirko Zorz Authelia is an open-source authentication and authorization server that offers 2FA and SSO for applications through a web portal. It works alongside reverse proxies to permit, deny, or redirect requests. Authelia connects directly to the reverse proxy but never to the application backends.

React to this headline:

Loading spinner

Authelia: Open-source authentication and authorization server Read More »

Grafana: Open-source data visualization platform

cybersecurity, Don't miss, GitHub, Hot stuff, News, open source, software /

Grafana: Open-source data visualization platform 2024-05-20 at 07:31 By Mirko Zorz Grafana is an open-source solution for querying, visualizing, alerting, and exploring metrics, logs, and traces regardless of where they are stored. Grafana provides tools to transform your time-series database (TSDB) data into meaningful graphs and visualizations. Additionally, its plugin framework lets you integrate various

React to this headline:

Loading spinner

Grafana: Open-source data visualization platform Read More »

Critical Git vulnerability allows RCE when cloning repositories with submodules (CVE-2024-32002)

DevOps, Don't miss, Git, GitHub, Hot stuff, News, open source, security update, vulnerability /

Critical Git vulnerability allows RCE when cloning repositories with submodules (CVE-2024-32002) 2024-05-16 at 14:16 By Zeljka Zorz New versions of Git are out, with fixes for five vulnerabilities, the most critical (CVE-2024-32002) of which can be used by attackers to remotely execute code during a “clone” operation. About Git Git is a widely-popular distributed version

React to this headline:

Loading spinner

Critical Git vulnerability allows RCE when cloning repositories with submodules (CVE-2024-32002) Read More »

OWASP dep-scan: Open-source security and risk audit tool

AppThreat, Don't miss, GitHub, Hot stuff, News, open source, OWASP, risk assessment, software /

OWASP dep-scan: Open-source security and risk audit tool 2024-05-16 at 08:01 By Mirko Zorz OWASP dep-scan is an open-source security and risk assessment tool that leverages information on vulnerabilities, advisories, and licensing restrictions for project dependencies. It supports local repositories and container images as input sources, making it suitable for integration with ASPM/VM platforms and

React to this headline:

Loading spinner

OWASP dep-scan: Open-source security and risk audit tool Read More »

Scroll to Top