open source

12 open-source penetration testing tools you might not know about

12 open-source penetration testing tools you might not know about 18/07/2023 at 07:34 By Mirko Zorz Red Siege has developed and made available many open-source tools to help with your penetration testing work. The company plans to continue to support the tools listed below, whether in the form of bug fixes or new features. Give […]

React to this headline:

Loading spinner

12 open-source penetration testing tools you might not know about Read More »

Critical XSS vulnerability in Zimbra exploited in the wild (CVE-2023-34192)

Critical XSS vulnerability in Zimbra exploited in the wild (CVE-2023-34192) 17/07/2023 at 14:47 By Helga Labus A critical cross site scripting (XSS) vulnerability (CVE-2023-34192) in popular open source email collaboration suite Zimbra is being exploited by attackers. About the vulnerability (CVE-2023-34192) CVE-2023-34192 could allow a remote authenticated threat actor to execute arbitrary code through a

React to this headline:

Loading spinner

Critical XSS vulnerability in Zimbra exploited in the wild (CVE-2023-34192) Read More »

Owncast, EaseProbe security vulnerabilities revealed

Owncast, EaseProbe security vulnerabilities revealed 11/07/2023 at 11:17 By Help Net Security Oxeye has uncovered two critical security vulnerabilities and recommends immediate action to mitigate risk. The vulnerabilities were discovered in Owncast (CVE-2023-3188) and EaseProbe (CVE-2023-33967), two open-source platforms written in Go. Owncast vulnerability (CVE-2023-3188) The first vulnerability was discovered in Owncast, an open-source, self-hosted,

React to this headline:

Loading spinner

Owncast, EaseProbe security vulnerabilities revealed Read More »

Infisical Snags $2.8M Seed Funding for Secrets Sprawl Security Tech

Infisical Snags $2.8M Seed Funding for Secrets Sprawl Security Tech 05/07/2023 at 19:47 By Ryan Naraine Infisical banks $2.8 million in seed funding as investors continue to bet on companies in the software supply chain security space. The post Infisical Snags $2.8M Seed Funding for Secrets Sprawl Security Tech appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Infisical Snags $2.8M Seed Funding for Secrets Sprawl Security Tech Read More »

Cloud-native security hinges on open source

Cloud-native security hinges on open source 22/06/2023 at 07:33 By Help Net Security Technologies like Kubernetes and K3S are synonymous with the success of cloud native computing and the power of open source. It is no accident they have steamrolled the competition. As enterprises look to secure cloud-native environments, open source is the critical piece

React to this headline:

Loading spinner

Cloud-native security hinges on open source Read More »

10 open-source recon tools worth your time

10 open-source recon tools worth your time 20/06/2023 at 07:02 By Help Net Security Recon is the initial stage in the penetration testing process. It’s a vital phase allowing the tester to understand their target and strategize their moves. Here are ten open-source recon tools that deserve to be in your arsenal. Altdns Altdns is

React to this headline:

Loading spinner

10 open-source recon tools worth your time Read More »

Fiddler Auditor: Open-source tool evaluates the robustness of large language models

Fiddler Auditor: Open-source tool evaluates the robustness of large language models 15/06/2023 at 07:17 By Help Net Security Fiddler Auditor is an open-source tool designed to evaluate the robustness of Large Language Models (LLMs) and Natural Language Processing (NLP) models. LLMs can sometimes produce unwarranted content, potentially create hostile responses, and may disclose confidential information

React to this headline:

Loading spinner

Fiddler Auditor: Open-source tool evaluates the robustness of large language models Read More »

20 cybersecurity projects on GitHub you should check out

20 cybersecurity projects on GitHub you should check out 08/06/2023 at 07:47 By Helga Labus Open-source GitHub cybersecurity projects, developed and maintained by dedicated contributors, provide valuable tools, frameworks, and resources to enhance security practices. From vulnerability scanning and network monitoring to encryption and incident response, the following collection encompasses a diverse range of projects

React to this headline:

Loading spinner

20 cybersecurity projects on GitHub you should check out Read More »

SBOMs – Software Supply Chain Security’s Future or Fantasy?

SBOMs – Software Supply Chain Security’s Future or Fantasy? 05/06/2023 at 14:39 By Kevin Townsend If after eighteen months, meaningful use of SBOMs is unachievable, we need to ask what needs to be done to fulfill Biden’s executive order. The post SBOMs – Software Supply Chain Security’s Future or Fantasy? appeared first on SecurityWeek. This

React to this headline:

Loading spinner

SBOMs – Software Supply Chain Security’s Future or Fantasy? Read More »

Kali Linux 2023.2 released: New tools, a pre-built Hyper-V image, a new audio stack, and more!

Kali Linux 2023.2 released: New tools, a pre-built Hyper-V image, a new audio stack, and more! 31/05/2023 at 10:29 By Zeljka Zorz Offensive Security has released Kali Linux 2023.2, the latest version of its popular penetration testing and digital forensics platform. New tools in Kali Linux 2023.2 Aside from updates for existing tools, a new

React to this headline:

Loading spinner

Kali Linux 2023.2 released: New tools, a pre-built Hyper-V image, a new audio stack, and more! Read More »

CISO-approved strategies for software supply chain security

CISO-approved strategies for software supply chain security 29/05/2023 at 08:48 By Help Net Security Integrating proprietary and open-source code, APIs, user interfaces, application behavior, and deployment workflows creates an intricate composition in modern applications. Any vulnerabilities within this software supply chain can jeopardize your and your customers’ safety. In this Help Net Security video, Tim

React to this headline:

Loading spinner

CISO-approved strategies for software supply chain security Read More »

Red Hat Pushes New Tools to Secure Software Supply Chain

Red Hat Pushes New Tools to Secure Software Supply Chain 23/05/2023 at 17:49 By Ryan Naraine Red Hat rolls out a new suite of tools and services to help mitigate vulnerabilities across every stage of the modern software supply chain. The post Red Hat Pushes New Tools to Secure Software Supply Chain appeared first on

React to this headline:

Loading spinner

Red Hat Pushes New Tools to Secure Software Supply Chain Read More »

Enhancing open source security: Insights from the OpenSSF on addressing key challenges

Enhancing open source security: Insights from the OpenSSF on addressing key challenges 18/05/2023 at 08:00 By Mirko Zorz In this Help Net Security interview, we meet a prominent industry leader. Brian Behlendorf, CTO at the Open Source Security Foundation (OpenSSF), shares insights on the influence of his experiences with the White House CTO office, World

React to this headline:

Loading spinner

Enhancing open source security: Insights from the OpenSSF on addressing key challenges Read More »

KeePass flaw allows retrieval of master password, PoC is public (CVE-2023-32784)

KeePass flaw allows retrieval of master password, PoC is public (CVE-2023-32784) 17/05/2023 at 16:44 By Zeljka Zorz A vulnerability (CVE-2023-32784) in the open-source password manager KeePass can be exploited to retrieve the master password from the software’s memory, says the researcher who unearthed the flaw. The bad news is that the vulnerability is still unfixed

React to this headline:

Loading spinner

KeePass flaw allows retrieval of master password, PoC is public (CVE-2023-32784) Read More »

Malicious open-source components threatening digital infrastructure

Malicious open-source components threatening digital infrastructure 17/05/2023 at 09:42 By Help Net Security A new risk emerges in the digital era, where open-source software has become a fundamental pillar in developing innovative applications. The threat? Malicious open-source components. In this Help Net Security video, Henrik Plate, Lead Security Researcher at Endor Labs, discusses the dual-edged

React to this headline:

Loading spinner

Malicious open-source components threatening digital infrastructure Read More »

OpenSSF Receives $5 Million for Open Source Software Security Project

OpenSSF Receives $5 Million for Open Source Software Security Project 11/05/2023 at 17:42 By Ionut Arghire OpenSSF has added four new members and is receiving $5 million in funding for its Alpha-Omega open source software security project. The post OpenSSF Receives $5 Million for Open Source Software Security Project appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

OpenSSF Receives $5 Million for Open Source Software Security Project Read More »

Never leak secrets to your GitHub repositories again

Never leak secrets to your GitHub repositories again 10/05/2023 at 14:47 By Helga Labus GitHub is making push protection – a security feature designed to automatically prevent the leaking of secrets to repositories – free for owners of all public repositories. Previously, the feature was available only for private repositories with a GitHub Advanced Security

React to this headline:

Loading spinner

Never leak secrets to your GitHub repositories again Read More »

Scroll to Top