open source
Elasticsearch security: Understand your options and apply best practices
The ever-escalating popularity of Elasticsearch – the distributed open source search and log analytics engine that has become a staple in enterprise application developers’ …
New vulnerabilities in open source packages down 20% compared to last year
New vulnerabilities in open source packages were down 20% compared to last year suggesting security of open source packages and containers are heading in a positive direction, …
2019 was a record year for OSS vulnerabilities
Total vulnerabilities in OSS more than doubled in 2019 from 421 Common Vulnerabilities and Exposures (CVEs) in 2018 to 968 last year, according to a RiskSense report. Top 10 …
Cooking up secure code: A foolproof recipe for open source
The use of open source code in modern software has become nearly ubiquitous. It makes perfect sense: facing ever-increasing pressures to accelerate the rate at which new …
New fuzzing tool for USB drivers uncovers bugs in Linux, macOS, Windows
With a new fuzzing tool created specifically for testing the security of USB drivers, researchers have discovered more than two dozen vulnerabilities in a variety of operating …
How secure are open source libraries?
Seven in 10 applications have a security flaw in an open source library, highlighting how use of open source can introduce flaws, increase risk, and add to security debt, a …
Eye-opening statistics about open source security, license compliance, and code quality risk
99% of commercial codebases contain at least one open source component, with open source comprising 70% of the code overall, according to Synopsys. Open source components and …
Kali Linux 2020.2: New look, new packages, new installer options
Offensive Security has released Kali Linux 2020.2, the latest iteration of the popular open source penetration testing platform. Kali Linux 2020.2 changes There are several …
GitHub Code Scanning aims to prevent vulnerabilities in open source software
GitHub has made available two new security features for open and private repositories: code scanning (as a GitHub-native experience) and secret scanning (both still in beta). …
SaltStack Salt vulnerabilities actively exploited by attackers, patch ASAP!
Two vulnerabilities in SaltStack Salt, an open-source remote task and configuration management framework, are being actively exploited by attackers, CISA warns. About …
Spotting and blacklisting malicious COVID-19-themed sites
Since last December, over 136,000 new COVID-19-themed domains have popped up and, while many host legitimate websites, others have been set up to serve malware, phishing …
Mozilla will fund open source COVID-19-related technology projects
Have you come up with hardware or software that can help solve a problem that arose from COVID-19 and its worldwide spread? Mozilla is offering up to $50,000 to open source …
Featured news
Sponsored
Don't miss
- Black Friday shoppers targeted with thousands of fraudulent online stores
- RomCom hackers chained Firefox and Windows zero-days to deliver backdoor
- How to recognize employment fraud before it becomes a security issue
- Practical strategies to build an inclusive culture in cybersecurity
- Domain security posture of Forbes Global 2000 companies