software

Integrating cybersecurity into vehicle design and manufacturing

automotive security, connected cars, cyberattacks, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, REE Automotive, risk assessment, software, standards, strategy, supply chain /

Integrating cybersecurity into vehicle design and manufacturing 2024-02-12 at 08:01 By Mirko Zorz In this Help Net Security interview, Yaron Edan, CISO at REE Automotive, discusses the cybersecurity landscape of the automotive industry, mainly focusing on electric and connected vehicles. Edan highlights the challenges of technological advancements and outlines strategies for automakers to address cyber […]

React to this headline:

Loading spinner

Integrating cybersecurity into vehicle design and manufacturing Read More »

SiCat: Open-source exploit finder

451 Research, Don't miss, exploit, GitHub, Hot stuff, News, open source, software /

SiCat: Open-source exploit finder 2024-02-12 at 06:31 By Mirko Zorz SiCat is an open-source tool for exploit research designed to source and compile information about exploits from open channels and internal databases. Its primary aim is to assist in cybersecurity, enabling users to search the internet for potential vulnerabilities and corresponding exploits. Akas Wisnu Aji,

React to this headline:

Loading spinner

SiCat: Open-source exploit finder Read More »

SOAPHound: Open-source tool to collect Active Directory data via ADWS

Active Directory, Don't miss, GitHub, Hot stuff, News, open source, software /

SOAPHound: Open-source tool to collect Active Directory data via ADWS 2024-02-08 at 07:02 By Mirko Zorz SOAPHound is an open-source data collection tool capable of enumerating Active Directory environments through the Active Directory Web Services (ADWS) protocol. How SOAPHound works SOAPHound is a substitute for various open-source security tools typically employed for extracting data from

React to this headline:

Loading spinner

SOAPHound: Open-source tool to collect Active Directory data via ADWS Read More »

Prowler: Open-source security tool for AWS, Google Cloud Platform, Azure

AWS, cybersecurity, database security, Don't miss, GitHub, Hot stuff, News, open source, software /

Prowler: Open-source security tool for AWS, Google Cloud Platform, Azure 2024-02-07 at 07:31 By Mirko Zorz Prowler is an open-source security tool designed to assess, audit, and enhance the security of AWS, GCP, and Azure. It’s also equipped for incident response, continuous monitoring, hardening, and forensics preparation. Details The tool includes hundreds of controls that

React to this headline:

Loading spinner

Prowler: Open-source security tool for AWS, Google Cloud Platform, Azure Read More »

Latio Application Security Tester: Use AI to scan your code

Artificial Intelligence, cybersecurity, Don't miss, GitHub, Hot stuff, News, open source, OpenAI, software /

Latio Application Security Tester: Use AI to scan your code 2024-02-05 at 08:02 By Mirko Zorz Latio Application Security Tester is an open-source tool that enables the usage of OpenAI to scan code from the CLI for security and health issues. Features and future plans James Berthoty, the creator of Latio Application Security Tester, told

React to this headline:

Loading spinner

Latio Application Security Tester: Use AI to scan your code Read More »

CVEMap: Open-source tool to query, browse and search CVEs

CISA, CVE, cybersecurity, Don't miss, GitHub, HackerOne, Hot stuff, News, open source, Project Discovery, software /

CVEMap: Open-source tool to query, browse and search CVEs 2024-02-01 at 07:01 By Mirko Zorz CVEMap is an open-source command-line interface (CLI) tool that allows you to explore Common Vulnerabilities and Exposures (CVEs). It’s designed to offer a streamlined and user-friendly interface for navigating vulnerability databases. Although CVEs are crucial for pinpointing and discussing security

React to this headline:

Loading spinner

CVEMap: Open-source tool to query, browse and search CVEs Read More »

Free ransomware recovery tool White Phoenix now has a web version

cybercrime, cybersecurity, disaster recovery, Don't miss, Hot stuff, Malware, News, Ransomware, software /

Free ransomware recovery tool White Phoenix now has a web version 2024-01-31 at 10:17 By Help Net Security White Phoenix is a free ransomware recovery tool for situations where files are encrypted with intermittent encryption. It was tested on BlackCat/ALPHV Ransomware, Play Ransomware, Qilin/Agenda Ransomware, BianLian Ransomware, and DarkBit. Intermittent encryption occurs when ransomware chooses

React to this headline:

Loading spinner

Free ransomware recovery tool White Phoenix now has a web version Read More »

Faction: Open-source pentesting report generation and collaboration framework

Don't miss, GitHub, News, open source, penetration testing, report, software /

Faction: Open-source pentesting report generation and collaboration framework 2024-01-30 at 07:31 By Mirko Zorz Faction is an open-source solution that enables pentesting report generation and assessment collaboration. Josh Summitt, the creator of Faction, has always disliked the process of writing reports, preferring to focus on uncovering bugs. A key frustration for him was the redundant

React to this headline:

Loading spinner

Faction: Open-source pentesting report generation and collaboration framework Read More »

Automated Emulation: Open-source breach and attack simulation lab

cybersecurity, Don't miss, GitHub, News, open source, software, Terraform /

Automated Emulation: Open-source breach and attack simulation lab 2024-01-25 at 07:31 By Mirko Zorz Automated Emulation is an open-source Terraform template designed to create a customizable, automated breach and attack simulation lab. The solution automatically constructs the following resources hosted on AWS: One Linux server deploying Caldera, Prelude Operator Headless, and VECTR One Windows Client

React to this headline:

Loading spinner

Automated Emulation: Open-source breach and attack simulation lab Read More »

CISOs’ role in identifying tech components and managing supply chains

Artificial Intelligence, CISO, cybersecurity, Don't miss, Eclypsium, Features, hardware, Hot stuff, News, opinion, regulation, software, strategy, supply chain /

CISOs’ role in identifying tech components and managing supply chains 2024-01-25 at 07:01 By Mirko Zorz In this Help Net Security interview, Nate Warfield, Director of Threat Research and Intelligence at Eclypsium, outlines the crucial tasks for CISOs in protecting supply chains and achieving comprehensive visibility. Warfield also discusses the vital collaboration between security and

React to this headline:

Loading spinner

CISOs’ role in identifying tech components and managing supply chains Read More »

Software supply chain attacks are getting easier

cybercrime, cybersecurity, Don't miss, News, open source, report, ReversingLabs, software, supply chain attacks, survey /

Software supply chain attacks are getting easier 2024-01-24 at 06:03 By Help Net Security ReversingLabs identified close to 11,200 unique malicious packages across three major open-source software platforms in 2023: npm, PyPI, and RubyGems. These findings mark an astounding 1,300% increase in malicious packages from 2020 and an increase of 28% over 2022 when a

React to this headline:

Loading spinner

Software supply chain attacks are getting easier Read More »

CloudFoxable: Open-source AWS penetration testing playground

AWS, Bishop Fox, cybersecurity, News, penetration testing, research, skill development, software /

CloudFoxable: Open-source AWS penetration testing playground 2024-01-22 at 07:02 By Mirko Zorz CloudFoxable is a capture-the-flag (CTF) style learning platform you can deploy to your playground AWS account. It primarily targets current penetration testers seeking to learn exploitation of cloud-native attack paths, and cloud security experts aiming to practice offensive security techniques safely. “What makes

React to this headline:

Loading spinner

CloudFoxable: Open-source AWS penetration testing playground Read More »

Skytrack: Open-source aircraft reconnaissance tool

Don't miss, GitHub, News, open source, OSINT, software /

Skytrack: Open-source aircraft reconnaissance tool 2024-01-18 at 07:31 By Mirko Zorz Skytrack is an open-source command-line tool for plane spotting and aircraft OSINT reconnaissance. The tool utilizes multiple data sources to collect information on aircraft, can produce a PDF report for a specific aircraft, and offers conversion between ICAO and Tail Number designations. Suitable for

React to this headline:

Loading spinner

Skytrack: Open-source aircraft reconnaissance tool Read More »

Tsurugi Linux: Tailoring user experience for digital forensics and OSINT investigations

cybersecurity, DFIR, Linux, News, open source, software /

Tsurugi Linux: Tailoring user experience for digital forensics and OSINT investigations 2024-01-16 at 06:31 By Mirko Zorz Tsurugi Linux is a heavily customized open-source distribution focused on supporting DFIR investigations. The project focuses mainly on live forensics analysis, post-mortem analysis, and digital evidence acquisition. Users can also perform malware analysis, OSINT and computer vision activities.

React to this headline:

Loading spinner

Tsurugi Linux: Tailoring user experience for digital forensics and OSINT investigations Read More »

Adalanche: Open-source Active Directory ACL visualizer, explorer

Active Directory, cybersecurity, GitHub, News, open source, software /

Adalanche: Open-source Active Directory ACL visualizer, explorer 2024-01-15 at 07:01 By Mirko Zorz Adalanche provides immediate insights into the permissions of users and groups within an Active Directory. It’s an effective open-source tool for visualizing and investigating potential account, machine, or domain takeovers. Additionally, it helps identify and display any misconfigurations. What unique features make

React to this headline:

Loading spinner

Adalanche: Open-source Active Directory ACL visualizer, explorer Read More »

Fly Catcher: Detect aircraft spoofing by monitoring for malicious signals

cybersecurity, Don't miss, GitHub, hardware, Hot stuff, News, open source, Raspberry Pi, reconnaissance, software /

Fly Catcher: Detect aircraft spoofing by monitoring for malicious signals 2024-01-10 at 07:02 By Mirko Zorz Fly Catcher is an open-source device that can detect aircraft spoofing by monitoring for malicious ADS-B signals in the 1090MHz frequency. Angelina Tsuboi, the developer of Fly Catcher, is an enthusiastic pilot, cybersecurity researcher, and tinkerer. She was driven

React to this headline:

Loading spinner

Fly Catcher: Detect aircraft spoofing by monitoring for malicious signals Read More »

Researchers develop technique to prevent software bugs

Artificial Intelligence, code, Google, human error, News, software /

Researchers develop technique to prevent software bugs 2024-01-10 at 06:01 By Help Net Security A team of computer scientists led by the University of Massachusetts Amherst recently announced a new method for automatically generating whole proofs that can be used to prevent software bugs and verify that the underlying code is correct. This new method,

React to this headline:

Loading spinner

Researchers develop technique to prevent software bugs Read More »

AuthLogParser: Open-source tool for analyzing Linux authentication logs

cybersecurity, Don't miss, GitHub, Hot stuff, Linux, News, open source, software /

AuthLogParser: Open-source tool for analyzing Linux authentication logs 2024-01-08 at 07:31 By Mirko Zorz AuthLogParser is an open-source tool tailored for digital forensics and incident response, specifically crafted to analyze Linux authentication logs (auth.log). The tool examines the auth.log file, extracting crucial details like SSH logins, user creations, event names, IP addresses, among others. It

React to this headline:

Loading spinner

AuthLogParser: Open-source tool for analyzing Linux authentication logs Read More »

Vim 9.1 released: New features and bug fixes

News, open source, software, Unix /

Vim 9.1 released: New features and bug fixes 2024-01-08 at 06:31 By Help Net Security Vim, a highly adaptable text editor, is designed to efficiently create and modify all types of text. It comes included as vi in most UNIX systems and macOS. Renowned for its rock-solid stability, Vim is constantly evolving to improve further,

React to this headline:

Loading spinner

Vim 9.1 released: New features and bug fixes Read More »

DriveFS Sleuth: Open-source tool for investigating Google Drive File Stream’s disk forensic artifacts

cloud security, computer forensics, Don't miss, GitHub, Google Drive, News, open source, software /

DriveFS Sleuth: Open-source tool for investigating Google Drive File Stream’s disk forensic artifacts 2024-01-04 at 07:31 By Mirko Zorz DriveFS Sleuth automates the investigation of Google Drive File Stream disk artifacts. The tool can parse the disk artifacts and build a filesystem tree-like structure enumerating the synchronized files along with their respective properties. “While engaged

React to this headline:

Loading spinner

DriveFS Sleuth: Open-source tool for investigating Google Drive File Stream’s disk forensic artifacts Read More »

Scroll to Top