open source

Software supply chain attacks are getting easier

cybercrime, cybersecurity, Don't miss, News, open source, report, ReversingLabs, software, supply chain attacks, survey /

Software supply chain attacks are getting easier 2024-01-24 at 06:03 By Help Net Security ReversingLabs identified close to 11,200 unique malicious packages across three major open-source software platforms in 2023: npm, PyPI, and RubyGems. These findings mark an astounding 1,300% increase in malicious packages from 2020 and an increase of 28% over 2022 when a […]

React to this headline:

Loading spinner

Software supply chain attacks are getting easier Read More »

Skytrack: Open-source aircraft reconnaissance tool

Don't miss, GitHub, News, open source, OSINT, software /

Skytrack: Open-source aircraft reconnaissance tool 2024-01-18 at 07:31 By Mirko Zorz Skytrack is an open-source command-line tool for plane spotting and aircraft OSINT reconnaissance. The tool utilizes multiple data sources to collect information on aircraft, can produce a PDF report for a specific aircraft, and offers conversion between ICAO and Tail Number designations. Suitable for

React to this headline:

Loading spinner

Skytrack: Open-source aircraft reconnaissance tool Read More »

Tsurugi Linux: Tailoring user experience for digital forensics and OSINT investigations

cybersecurity, DFIR, Linux, News, open source, software /

Tsurugi Linux: Tailoring user experience for digital forensics and OSINT investigations 2024-01-16 at 06:31 By Mirko Zorz Tsurugi Linux is a heavily customized open-source distribution focused on supporting DFIR investigations. The project focuses mainly on live forensics analysis, post-mortem analysis, and digital evidence acquisition. Users can also perform malware analysis, OSINT and computer vision activities.

React to this headline:

Loading spinner

Tsurugi Linux: Tailoring user experience for digital forensics and OSINT investigations Read More »

Adalanche: Open-source Active Directory ACL visualizer, explorer

Active Directory, cybersecurity, GitHub, News, open source, software /

Adalanche: Open-source Active Directory ACL visualizer, explorer 2024-01-15 at 07:01 By Mirko Zorz Adalanche provides immediate insights into the permissions of users and groups within an Active Directory. It’s an effective open-source tool for visualizing and investigating potential account, machine, or domain takeovers. Additionally, it helps identify and display any misconfigurations. What unique features make

React to this headline:

Loading spinner

Adalanche: Open-source Active Directory ACL visualizer, explorer Read More »

Fly Catcher: Detect aircraft spoofing by monitoring for malicious signals

cybersecurity, Don't miss, GitHub, hardware, Hot stuff, News, open source, Raspberry Pi, reconnaissance, software /

Fly Catcher: Detect aircraft spoofing by monitoring for malicious signals 2024-01-10 at 07:02 By Mirko Zorz Fly Catcher is an open-source device that can detect aircraft spoofing by monitoring for malicious ADS-B signals in the 1090MHz frequency. Angelina Tsuboi, the developer of Fly Catcher, is an enthusiastic pilot, cybersecurity researcher, and tinkerer. She was driven

React to this headline:

Loading spinner

Fly Catcher: Detect aircraft spoofing by monitoring for malicious signals Read More »

SQLi vulnerability in Cacti could lead to RCE (CVE-2023-51448)

Cacti, Don't miss, Hot stuff, network monitoring, News, open source, security update, SQL injection, Synopsys, vulnerability /

SQLi vulnerability in Cacti could lead to RCE (CVE-2023-51448) 2024-01-09 at 14:01 By Helga Labus A blind SQL injection vulnerability (CVE-2023-51448) in Cacti, a widely-used network monitoring, performance and fault management framework, could lead to information disclosure and potentially remote code execution. Cacti is often used in network operation centers of telecoms and web hosting

React to this headline:

Loading spinner

SQLi vulnerability in Cacti could lead to RCE (CVE-2023-51448) Read More »

AuthLogParser: Open-source tool for analyzing Linux authentication logs

cybersecurity, Don't miss, GitHub, Hot stuff, Linux, News, open source, software /

AuthLogParser: Open-source tool for analyzing Linux authentication logs 2024-01-08 at 07:31 By Mirko Zorz AuthLogParser is an open-source tool tailored for digital forensics and incident response, specifically crafted to analyze Linux authentication logs (auth.log). The tool examines the auth.log file, extracting crucial details like SSH logins, user creations, event names, IP addresses, among others. It

React to this headline:

Loading spinner

AuthLogParser: Open-source tool for analyzing Linux authentication logs Read More »

Vim 9.1 released: New features and bug fixes

News, open source, software, Unix /

Vim 9.1 released: New features and bug fixes 2024-01-08 at 06:31 By Help Net Security Vim, a highly adaptable text editor, is designed to efficiently create and modify all types of text. It comes included as vi in most UNIX systems and macOS. Renowned for its rock-solid stability, Vim is constantly evolving to improve further,

React to this headline:

Loading spinner

Vim 9.1 released: New features and bug fixes Read More »

DriveFS Sleuth: Open-source tool for investigating Google Drive File Stream’s disk forensic artifacts

cloud security, computer forensics, Don't miss, GitHub, Google Drive, News, open source, software /

DriveFS Sleuth: Open-source tool for investigating Google Drive File Stream’s disk forensic artifacts 2024-01-04 at 07:31 By Mirko Zorz DriveFS Sleuth automates the investigation of Google Drive File Stream disk artifacts. The tool can parse the disk artifacts and build a filesystem tree-like structure enumerating the synchronized files along with their respective properties. “While engaged

React to this headline:

Loading spinner

DriveFS Sleuth: Open-source tool for investigating Google Drive File Stream’s disk forensic artifacts Read More »

15 open-source cybersecurity tools you’ll wish you’d known earlier

ARMO, CISA, Don't miss, Elastic, GitHub, Google, Mirantis, News, open source, Oryxlabs, report, SpecterOps, survey /

15 open-source cybersecurity tools you’ll wish you’d known earlier 2024-01-04 at 07:01 By Help Net Security Open-source tools represent a dynamic force in the technological landscape, embodying innovation, collaboration, and accessibility. These tools, developed with transparency and community-driven principles, empower users with the freedom to scrutinize, modify, and adapt solutions according to their unique needs.

React to this headline:

Loading spinner

15 open-source cybersecurity tools you’ll wish you’d known earlier Read More »

Subdominator: Open-source tool for detecting subdomain takeovers

cybersecurity, Don't miss, GitHub, News, open source, software, Stratus /

Subdominator: Open-source tool for detecting subdomain takeovers 20/12/2023 at 07:01 By Mirko Zorz Subdominator is a dependable and fast open-source command-line interface tool to identify subdomain takeovers. It boasts superior accuracy and reliability, offering improvements compared to other tools. “Initially, Subdominator was created internally because all the current subdomain takeover tools had gaps in their

React to this headline:

Loading spinner

Subdominator: Open-source tool for detecting subdomain takeovers Read More »

EMBA: Open-source security analyzer for embedded devices

cybersecurity, Don't miss, embedded systems, GitHub, News, open source, penetration testing, software /

EMBA: Open-source security analyzer for embedded devices 19/12/2023 at 08:02 By Mirko Zorz The EMBA open-source security analyzer is tailored as the central firmware analysis tool for penetration testers and product security groups. It assists throughout the security evaluation procedure, extracting firmware, conducting static and dynamic analysis through emulation, and creating a web-based report. EMBA

React to this headline:

Loading spinner

EMBA: Open-source security analyzer for embedded devices Read More »

Preserving privacy through advanced encryption techniques

cybersecurity, data, Duality Technologies, Encryption, Hyperproof, open source, Privacy, Video, Virtru /

Preserving privacy through advanced encryption techniques 18/12/2023 at 07:01 By Help Net Security At its core, encryption involves the use of algorithms, mathematical functions that manipulate data into a seemingly random and indecipherable form. This encoded information, referred to as ciphertext, can only be converted back into its original, meaningful state by those possessing the

React to this headline:

Loading spinner

Preserving privacy through advanced encryption techniques Read More »

GuardRail: Open-source tool for data analysis, AI content generation using OpenAI GPT models

Artificial Intelligence, News, Opaque, open source, PreVeil /

GuardRail: Open-source tool for data analysis, AI content generation using OpenAI GPT models 14/12/2023 at 10:32 By Help Net Security GuardRail OSS is an open-source project delivering practical guardrails to ensure responsible AI development and deployment. GuardRail: Tailored to an organization’s AI needs GuardRail OSS offers an API-driven framework for advanced data analysis, bias mitigation,

React to this headline:

Loading spinner

GuardRail: Open-source tool for data analysis, AI content generation using OpenAI GPT models Read More »

Microsoft ICSpector: A leap forward in industrial PLC metadata analysis

GitHub, Microsoft, News, open source, software /

Microsoft ICSpector: A leap forward in industrial PLC metadata analysis 14/12/2023 at 07:33 By Help Net Security Microsoft ICSpector is an open-source forensics framework that enables the analysis of industrial PLC metadata and project files. Architecture The framework provides investigators with a convenient way to scan for PLCs and identify any suspicious artifacts within ICS

React to this headline:

Loading spinner

Microsoft ICSpector: A leap forward in industrial PLC metadata analysis Read More »

A closer look at LATMA, the open-source lateral movement detection tool

authentication, cybersecurity, Don't miss, Hot stuff, open source, Silverfort, Video /

A closer look at LATMA, the open-source lateral movement detection tool 13/12/2023 at 08:01 By Help Net Security In this Help Net Security video, Gal Sadeh, Head of Data and Security Research at Silverfort, discusses LATMA, a free, open-source tool. It’s engineered with advanced algorithms to track and report any unusual activity within an environment.

React to this headline:

Loading spinner

A closer look at LATMA, the open-source lateral movement detection tool Read More »

ThreatNG open-source datasets aim to improve cybersecurity practices

GitHub, News, open source, ThreatNG /

ThreatNG open-source datasets aim to improve cybersecurity practices 13/12/2023 at 07:32 By Mirko Zorz The ThreatNG Governance and Compliance Dataset is an open-source initiative that aims to democratize access to critical data, fostering transparency, collaboration, and improvement of cybersecurity practices globally. Datasets for organizational insight The open-source datasets offered by ThreatNG provide an understanding of

React to this headline:

Loading spinner

ThreatNG open-source datasets aim to improve cybersecurity practices Read More »

Nemesis: Open-source offensive data enrichment and analytic pipeline

cybersecurity, data, Don't miss, GitHub, Hot stuff, News, open source, scanning, software, SpecterOps /

Nemesis: Open-source offensive data enrichment and analytic pipeline 12/12/2023 at 07:32 By Mirko Zorz Nemesis is a centralized data processing platform that ingests, enriches, and performs analytics on offensive security assessment data (i.e., data collected during penetration tests and red team engagements).​​ Nemesis was created by Lee Chagolla-Christensen and Will Schroeder, both security researchers at

React to this headline:

Loading spinner

Nemesis: Open-source offensive data enrichment and analytic pipeline Read More »

Kubescape open-source project adds Vulnerability Exploitability eXchange (VEX) support

ARMO, GitHub, Industry news, open source, scanning, vulnerability management /

Kubescape open-source project adds Vulnerability Exploitability eXchange (VEX) support 11/12/2023 at 11:02 By Help Net Security With its innovative feature for generating reliable Vulnerability Exploitability eXchange (VEX) documents, Kubescape became the first open-source project to provide this functionality. This advancement offers security practitioners a powerful tool to effectively prioritize and address software vulnerabilities. What is

React to this headline:

Loading spinner

Kubescape open-source project adds Vulnerability Exploitability eXchange (VEX) support Read More »

ERC-2771 integration introduces address spoofing vulnerability — OpenZeppelin

DAO Attack, open source, smart contracts /

ERC-2771 integration introduces address spoofing vulnerability — OpenZeppelin 08/12/2023 at 10:02 By Cointelegraph by Arijit Sarkar The smart contract vulnerability arises after the integration of ERC-2771 and Multicall standards. OpenZepplin identified 13 sets of vulnerable smart contracts. This article is an excerpt from Cointelegraph.com News View Original Source React to this headline:

React to this headline:

Loading spinner

ERC-2771 integration introduces address spoofing vulnerability — OpenZeppelin Read More »

Scroll to Top