open source

Evilginx: Open-source man-in-the-middle attack framework

Evilginx: Open-source man-in-the-middle attack framework 2024-12-23 at 07:37 By Mirko Zorz Evilginx is an open-source man-in-the-middle attack framework designed to phish login credentials and session cookies, enabling attackers to bypass 2FA safeguards. “Back in 2017, I was experimenting with extracting cookies from one browser and importing them into another. I realized this technique could effectively […]

React to this headline:

Loading spinner

Evilginx: Open-source man-in-the-middle attack framework Read More »

What open source means for cybersecurity

What open source means for cybersecurity 2024-12-23 at 06:03 By Help Net Security With outdated and inadequately maintained components, along with insecure dependencies, the open-source ecosystem presents numerous risks that could expose organizations to threats. In this article, you will find excerpts from 2024 open-source security reports that can help your organization strengthen its software

React to this headline:

Loading spinner

What open source means for cybersecurity Read More »

Vanir: Open-source security patch validation for Android

Vanir: Open-source security patch validation for Android 2024-12-18 at 06:34 By Help Net Security Google’s open-source tool Vanir enables Android developers to quickly scan custom platform code for missing or applicable security patches. By automating patch validation, Vanir helps OEMs deliver critical security updates faster, enhancing the security of the Android ecosystem. Vanir uses source-code-based

React to this headline:

Loading spinner

Vanir: Open-source security patch validation for Android Read More »

Kali Linux 2024.4 released! 14 new shiny tools added

Kali Linux 2024.4 released! 14 new shiny tools added 2024-12-17 at 11:15 By Help Net Security Kali Linux 2024.4 includes a broad set of updates and changes. The summary of the changelog since the 2024.3 release from September: Python 3.12 – New default Python version (Au revoir pip, hello pipx). The end of the i386

React to this headline:

Loading spinner

Kali Linux 2024.4 released! 14 new shiny tools added Read More »

Trapster Community: Open-source, low-interaction honeypot

Trapster Community: Open-source, low-interaction honeypot 2024-12-16 at 06:33 By Mirko Zorz Trapster Community is an open-source, lightweight, low-interaction honeypot designed for deployment within internal networks. It enhances network security by creating a deceptive layer that monitors and detects suspicious activities. “Our reengineered approach leverages the asyncio library, breaking away from the norm of Twisted, to

React to this headline:

Loading spinner

Trapster Community: Open-source, low-interaction honeypot Read More »

FuzzyAI: Open-source tool for automated LLM fuzzing

FuzzyAI: Open-source tool for automated LLM fuzzing 2024-12-13 at 07:36 By Help Net Security FuzzyAI is an open-source framework that helps organizations identify and address AI model vulnerabilities in cloud-hosted and in-house AI models, like guardrail bypassing and harmful output generation. FuzzyAI offers organizations a systematic approach to testing AI models against various adversarial inputs,

React to this headline:

Loading spinner

FuzzyAI: Open-source tool for automated LLM fuzzing Read More »

Keycloak: Open-source identity and access management

Keycloak: Open-source identity and access management 2024-12-12 at 06:04 By Help Net Security Keycloak is an open-source project for identity and access management (IAM). It provides user federation, strong authentication, user management, authorization, and more. Keycloak is based on standard protocols and supports OpenID Connect, OAuth 2.0, and SAML. Single Sign-On: Users authenticate through Keycloak

React to this headline:

Loading spinner

Keycloak: Open-source identity and access management Read More »

Open source malware up 200% since 2023

Open source malware up 200% since 2023 2024-12-11 at 07:32 By Help Net Security Sonatype’s 2024 Open Source Malware Threat Report reveals that the number of malicious packages has surpassed 778,500 since tracking began in 2019. In 2024, researchers examined how threat actors leverage malicious open-source packages to target developers, particularly as enterprises increasingly adopt

React to this headline:

Loading spinner

Open source malware up 200% since 2023 Read More »

21 years since its inception, GNU Shepherd 1.0.0 is released

21 years since its inception, GNU Shepherd 1.0.0 is released 2024-12-10 at 13:03 By Help Net Security GNU Shepherd is a service manager designed to oversee the system’s daemons. It functions both as an “init” system (PID 1) and as a tool for unprivileged users to manage per-user daemons. GNU Shepherd GNU Shepherd supports various

React to this headline:

Loading spinner

21 years since its inception, GNU Shepherd 1.0.0 is released Read More »

Neosync: Open-source data anonymization, synthetic data orchestration

Neosync: Open-source data anonymization, synthetic data orchestration 2024-12-10 at 06:37 By Help Net Security Neosync is an open-source, developer-centric solution designed to anonymize PII, generate synthetic data, and synchronize environments for improved testing and debugging. What you can do with Neosync Safely test code with production data: Anonymize sensitive production data to safely use it

React to this headline:

Loading spinner

Neosync: Open-source data anonymization, synthetic data orchestration Read More »

Update your OpenWrt router! Security issue made supply chain attack possible

Update your OpenWrt router! Security issue made supply chain attack possible 2024-12-09 at 20:51 By Zeljka Zorz A security issue that could have allowed attackers to serve malicious firmware images to users has been fixed by OpenWrt Project, the organization that helms the development of the popular Linux distribution for embedded devices. About OpenWrt OpenWrt

React to this headline:

Loading spinner

Update your OpenWrt router! Security issue made supply chain attack possible Read More »

SafeLine: Open-source web application firewall (WAF)

SafeLine: Open-source web application firewall (WAF) 2024-12-04 at 07:38 By Mirko Zorz SafeLine is an open-source and self-hosted Web Application Firewall (WAF) that protects websites from cyber attacks. “SafeLine WAF was created to protect web applications for small and medium-sized enterprises from cyber threats by monitoring and filtering HTTP/HTTPS traffic. More importantly, with the widespread

React to this headline:

Loading spinner

SafeLine: Open-source web application firewall (WAF) Read More »

Securing AI’s new frontier: Visibility, governance, and mitigating compliance risks

Securing AI’s new frontier: Visibility, governance, and mitigating compliance risks 2024-12-04 at 07:21 By Mirko Zorz In this Help Net Security interview, Niv Braun, CEO at Noma Security, discusses the difficulties security teams face due to the fragmented nature of AI processes, tools, and teams across the data and AI lifecycle. Braun also shares insights

React to this headline:

Loading spinner

Securing AI’s new frontier: Visibility, governance, and mitigating compliance risks Read More »

70% of open-source components are poorly or no longer maintained

70% of open-source components are poorly or no longer maintained 2024-12-04 at 06:35 By Help Net Security The geographic distribution of open-source contributions introduces geopolitical risks that organizations must urgently consider, especially with rising nation-state attacks, according to Lineaje. Open-source code risks rise with anonymous contributions Microsoft estimates that its customers face 600 million cyberattacks

React to this headline:

Loading spinner

70% of open-source components are poorly or no longer maintained Read More »

Nextcloud Talk: Open-source, GDPR-compliant alternative to Microsoft Teams

Nextcloud Talk: Open-source, GDPR-compliant alternative to Microsoft Teams 2024-12-03 at 11:18 By Mirko Zorz Nextcloud has unveiled Nextcloud Talk, an open-source alternative to Microsoft Teams. It’s a privacy-compliant collaboration platform for hybrid teams that gives companies complete control over their data. Nextcloud Talk collaboration software delivers highly secure, GDPR-compliant communication while providing all the essential

React to this headline:

Loading spinner

Nextcloud Talk: Open-source, GDPR-compliant alternative to Microsoft Teams Read More »

Hottest cybersecurity open-source tools of the month: November 2024

Hottest cybersecurity open-source tools of the month: November 2024 2024-11-27 at 06:03 By Help Net Security This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. ScubaGear ScubaGear is an open-source tool the Cybersecurity and Infrastructure Security Agency (CISA) created to automatically evaluate Microsoft 365 (M365) configurations

React to this headline:

Loading spinner

Hottest cybersecurity open-source tools of the month: November 2024 Read More »

Overcoming legal and organizational challenges in ethical hacking

Overcoming legal and organizational challenges in ethical hacking 2024-11-25 at 07:33 By Mirko Zorz In this Help Net Security interview, Balázs Pózner, CEO at Hackrate, discusses the essential technical skills for ethical hackers and how they vary across different security domains. He explains how AI and machine learning enhance ethical hacking by streamlining vulnerability detection

React to this headline:

Loading spinner

Overcoming legal and organizational challenges in ethical hacking Read More »

Deploy a SOC using Kali Linux in AWS

Deploy a SOC using Kali Linux in AWS 2024-11-25 at 07:04 By Mirko Zorz The Kali SOC in AWS project enables the deployment of a Security Operations Center (SOC) in AWS, utilizing the Kali Linux toolset for purple team activities. This environment is ideal for honing skills in security operations, threat detection, incident response, and

React to this headline:

Loading spinner

Deploy a SOC using Kali Linux in AWS Read More »

Proxmox Virtual Environment 8.3: SDN-firewall integration, faster container backups, and more!

Proxmox Virtual Environment 8.3: SDN-firewall integration, faster container backups, and more! 2024-11-22 at 10:01 By Help Net Security The Proxmox Virtual Environment 8.3 enterprise virtualization solution features management tools and a user-friendly web interface, allowing you to deploy open-source solutions in clustered, highly available setups. This version is based on Debian 12.8 (Bookworm), but uses

React to this headline:

Loading spinner

Proxmox Virtual Environment 8.3: SDN-firewall integration, faster container backups, and more! Read More »

AxoSyslog: Open-source scalable security data processor

AxoSyslog: Open-source scalable security data processor 2024-11-21 at 08:52 By Mirko Zorz AxoSyslog is a syslog-ng fork, created and maintained by the original creator of syslog-ng, Balazs Scheidler, and his team. “We first started by making syslog-ng more cloud-ready: we packaged syslog-ng in a container, added helm charts, and made it more suitable for use

React to this headline:

Loading spinner

AxoSyslog: Open-source scalable security data processor Read More »

Scroll to Top