software

Detecting vulnerable code in software dependencies is more complex than it seems

code, code analysis, cybersecurity, Don't miss, Endor Labs, Features, Hot stuff, News, open source, opinion, remediation, SCA, software, vulnerability management /

Detecting vulnerable code in software dependencies is more complex than it seems 2024-09-18 at 07:31 By Mirko Zorz In this Help Net Security interview, Henrik Plate, CISSP, security researcher, Endor Labs, discusses the complexities AppSec teams face in identifying vulnerabilities within software dependencies. Plate also discusses the limitations of traditional software composition analysis (SCA) solutions […]

React to this headline:

Loading spinner

Detecting vulnerable code in software dependencies is more complex than it seems Read More »

EchoStrike: Generate undetectable reverse shells, perform process injection

cybersecurity, Don't miss, GitHub, Hot stuff, News, open source, penetration testing, red team, software, Windows /

EchoStrike: Generate undetectable reverse shells, perform process injection 2024-09-16 at 07:31 By Mirko Zorz EchoStrike is an open-source tool designed to generate undetectable reverse shells and execute process injection on Windows systems. “EchoStrike allows you to generate binaries that, when executed, create an undetectable RevShell, which can be the first entry point into a company.

React to this headline:

Loading spinner

EchoStrike: Generate undetectable reverse shells, perform process injection Read More »

Compliance frameworks and GenAI: The Wild West of security standards

Application Security, automation, Compliance, cybersecurity, Don't miss, Features, generative AI, Hot stuff, News, opinion, penetration testing, regulation, software, SplxAI /

Compliance frameworks and GenAI: The Wild West of security standards 2024-09-16 at 07:01 By Mirko Zorz In this Help Net Security interview, Kristian Kamber, CEO at SplxAI, discusses how security challenges for GenAI differ from traditional software. Unlike predictable software, GenAI introduces dynamic, evolving threats, requiring new strategies for defense and compliance. Kamber highlights the

React to this headline:

Loading spinner

Compliance frameworks and GenAI: The Wild West of security standards Read More »

VirtualBox 7.1: This is a major update, here’s what’s new

News, Oracle, software, VirtualBox, virtualization /

VirtualBox 7.1: This is a major update, here’s what’s new 2024-09-12 at 10:47 By Help Net Security VirtualBox is a full virtualizer for x86 hardware designed for servers, desktops, and embedded systems. VirtualBox 7.1 introduces an enhanced user interface, cloud VM management, ARM support, Wayland compatibility, and more. New features in VirtualBox 7.1 This is

React to this headline:

Loading spinner

VirtualBox 7.1: This is a major update, here’s what’s new Read More »

DockerSpy: Search for images on Docker Hub, extract sensitive information

containers, Docker, Don't miss, GitHub, Hot stuff, News, open source, software /

DockerSpy: Search for images on Docker Hub, extract sensitive information 2024-09-11 at 07:31 By Mirko Zorz DockerSpy scans Docker Hub for images and retrieves sensitive information, including authentication secrets, private keys, and other confidential data. “DockerSpy was created to address the growing concern of sensitive data leaks within Docker images, especially those publicly available on

React to this headline:

Loading spinner

DockerSpy: Search for images on Docker Hub, extract sensitive information Read More »

33 open-source cybersecurity solutions you didn’t know you needed

cybersecurity, Don't miss, GitHub, Hot stuff, Linux, macOS, News, open source, software, Windows /

33 open-source cybersecurity solutions you didn’t know you needed 2024-09-10 at 06:31 By Help Net Security Open-source cybersecurity tools provide transparency and flexibility, allowing users to examine and customize the source code to fit specific security needs. These tools make cybersecurity accessible to a broader range of organizations and individuals. In this article, you will

React to this headline:

Loading spinner

33 open-source cybersecurity solutions you didn’t know you needed Read More »

OpenZiti: Secure, open-source networking for your applications

Don't miss, GitHub, Hot stuff, networking, News, open source, software, zero trust /

OpenZiti: Secure, open-source networking for your applications 2024-09-09 at 07:33 By Mirko Zorz OpenZiti is a free, open-source project that embeds zero-trust networking principles directly into applications. Example of an OpenZiti overlay network OpenZiti features “We created OpenZiti to transform how people think about connectivity. While OpenZiti is a zero-trust networking platform, you can also

React to this headline:

Loading spinner

OpenZiti: Secure, open-source networking for your applications Read More »

Samba 4.21 comes with upgraded security features

networking, News, open source, Samba, software /

Samba 4.21 comes with upgraded security features 2024-09-04 at 12:01 By Help Net Security Samba is the standard suite of programs that enables seamless interoperability between Linux/Unix and Windows systems. Version 4.21 has been officially released. Hardening In previous versions of Samba, if a user or group name in either option could not be resolved

React to this headline:

Loading spinner

Samba 4.21 comes with upgraded security features Read More »

OpenBAS: Open-source breach and attack simulation platform

Don't miss, Filigran, GitHub, Hot stuff, News, open source, software /

OpenBAS: Open-source breach and attack simulation platform 2024-09-04 at 07:02 By Mirko Zorz OpenBAS is an open-source platform that enables organizations to plan, schedule, and execute crisis exercises, adversary simulations, and breach simulations. Compliant with ISO 22398 standards, OpenBAS is built as a modern web application featuring a user-centric interface and a RESTful API. The

React to this headline:

Loading spinner

OpenBAS: Open-source breach and attack simulation platform Read More »

Damn Vulnerable UEFI: Simulate real-world firmware attacks

Don't miss, firmware, GitHub, Hot stuff, News, open source, software /

Damn Vulnerable UEFI: Simulate real-world firmware attacks 2024-09-02 at 07:31 By Help Net Security Damn Vulnerable UEFI (DVUEFI) is an open-source exploitation toolkit and learning platform for unveiling and fixing UEFI firmware vulnerabilities. Simulate real-world firmware attacks DVUEFI was created to assist ethical hackers, security researchers, and firmware enthusiasts in beginning their journey into UEFI

React to this headline:

Loading spinner

Damn Vulnerable UEFI: Simulate real-world firmware attacks Read More »

Sinon: Open-source automatic generative burn-in for Windows deception hosts

Don't miss, GitHub, Hot stuff, News, open source, software /

Sinon: Open-source automatic generative burn-in for Windows deception hosts 2024-08-30 at 07:01 By Mirko Zorz Sinon is an open-source, modular tool for the automatic burn-in of Windows-based deception hosts. It aims to reduce the difficulty of orchestrating deception hosts at scale while enabling diversity and randomness through generative capabilities. Sinon is designed to automate the

React to this headline:

Loading spinner

Sinon: Open-source automatic generative burn-in for Windows deception hosts Read More »

Cryptomator: Open-source cloud storage encryption

Cloud, cloud security, Don't miss, Encryption, Hot stuff, News, open source, Privacy, software /

Cryptomator: Open-source cloud storage encryption 2024-08-28 at 07:31 By Mirko Zorz Cryptomator offers open-source, client-side encryption of your files in the cloud. It’s available for Windows, Linux, macOS and iOS. Cryptomator works with Dropbox, Google Drive, OneDrive, MEGA, pCloud, ownCloud, Nextcloud, and any other cloud storage service that synchronizes with a local directory. Key features

React to this headline:

Loading spinner

Cryptomator: Open-source cloud storage encryption Read More »

Two strategies to protect your business from the next large-scale tech failure

cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, InkBridge Networks, News, opinion, software, strategy /

Two strategies to protect your business from the next large-scale tech failure 2024-08-26 at 06:47 By Help Net Security The CrowdStrike event in July clearly demonstrated the risks of allowing a software vendor deep access to network infrastructure. It also raised concerns about the concentration of digital services in the hands of a few companies.

React to this headline:

Loading spinner

Two strategies to protect your business from the next large-scale tech failure Read More »

Nuclei: Open-source vulnerability scanner

Don't miss, GitHub, Hot stuff, News, open source, penetration testing, scanning, software, vulnerability assessment /

Nuclei: Open-source vulnerability scanner 2024-08-26 at 06:31 By Help Net Security Nuclei is a fast and customizable open-source vulnerability scanner powered by YAML-based templates. With its flexible templating system, Nuclei can be adapted to perform various security checks. It can send requests to multiple targets using customizable templates, ensuring zero false positives and enabling rapid

React to this headline:

Loading spinner

Nuclei: Open-source vulnerability scanner Read More »

OpenCTI: Open-source cyber threat intelligence platform

Don't miss, Filigran, GitHub, Hot stuff, News, open source, software, Threat Intelligence /

OpenCTI: Open-source cyber threat intelligence platform 2024-08-21 at 07:31 By Help Net Security OpenCTI is an open-source platform designed to help organizations manage their cyber threat intelligence (CTI) data and observables. The platform structures its data using a knowledge schema built on the STIX2 standards. It features a modern web application architecture with a GraphQL

React to this headline:

Loading spinner

OpenCTI: Open-source cyber threat intelligence platform Read More »

x64dbg: Open-source binary debugger for Windows

bug hunting, GitHub, malware analysis, News, open source, reverse engineering, software, Windows /

x64dbg: Open-source binary debugger for Windows 2024-08-19 at 07:01 By Mirko Zorz x64dbg is an open-source binary debugger for Windows, designed for malware analysis and reverse engineering of executables without access to the source code. It offers a wide range of features and a plugin system, allowing you to customize and extend its capabilities to

React to this headline:

Loading spinner

x64dbg: Open-source binary debugger for Windows Read More »

Authentik: Open-source identity provider

authentication, Don't miss, GitHub, Hot stuff, News, open source, software /

Authentik: Open-source identity provider 2024-08-16 at 07:01 By Mirko Zorz Authentik is an open-source identity provider designed for maximum flexibility and adaptability. It easily integrates into existing environments and supports new protocols. It’s a comprehensive solution for implementing features like sign-up, account recovery, and more in your application, eliminating the need to manage these tasks

React to this headline:

Loading spinner

Authentik: Open-source identity provider Read More »

IntelOwl: Open-source threat intelligence management

Don't miss, GitHub, Hot stuff, News, open source, software, Threat Intelligence /

IntelOwl: Open-source threat intelligence management 2024-08-14 at 07:31 By Mirko Zorz IntelOwl is an open-source solution designed for large-scale threat intelligence management. It integrates numerous online analyzers and advanced malware analysis tools, providing comprehensive insights in one platform. “In late 2019, I faced a significant challenge while working as a cybersecurity analyst in a Security

React to this headline:

Loading spinner

IntelOwl: Open-source threat intelligence management Read More »

Scout Suite: Open-source cloud security auditing tool

Alibaba Cloud, auditing, AWS, Azure, cloud security, Don't miss, GitHub, Google Cloud, Hot stuff, NCC Group, News, open source, software /

Scout Suite: Open-source cloud security auditing tool 2024-08-12 at 07:31 By Help Net Security Scout Suite is an open-source, multi-cloud security auditing tool designed to assess the security posture of cloud environments. By leveraging the APIs provided by cloud vendors, Scout Suite collects and organizes configuration data, making it easier to identify potential risks. Instead

React to this headline:

Loading spinner

Scout Suite: Open-source cloud security auditing tool Read More »

SSHamble: Open-source security testing of SSH services

Don't miss, GitHub, Hot stuff, News, open source, software, SSH /

SSHamble: Open-source security testing of SSH services 2024-08-08 at 09:33 By Help Net Security runZero published new research on Secure Shell (SSH) exposures and unveiled a corresponding open-source tool, SSHamble. This tool helps security teams validate SSH implementations by testing for uncommon but dangerous misconfigurations and software bugs. Discovered weaknesses During their presentation at Black

React to this headline:

Loading spinner

SSHamble: Open-source security testing of SSH services Read More »

Scroll to Top