open source
Downloads of known vulnerable open source components increase 120%

Sonatype today released its fourth annual State of the Software Supply Chain Report, which reveals the widespread use of vulnerable software components by businesses around …

French cybersecurity agency open sources security hardened CLIP OS

After developing it internally for over 10 years, the National Cybersecurity Agency of France (ANSSI) has decided to open source CLIP OS, a Linux-based operating system …

Scan reveals known open source vulnerabilities in popular Android apps

Widespread use of unpatched open source code in popular Android apps is causing significant security vulnerabilities, warns the non-profit American Consumer Institute Center …

Qualys Community Edition: Discover IT assets, manage vulnerabilities, scan web apps

In this podcast recorded at Black Hat USA 2018, Anthony Mogannam, Product Manager, SME/SMB Solutions at Qualys, talks about issues related to open source software and Qualys …

Wireshark can be crashed via malicious packet trace files

The Wireshark team has plugged three serious vulnerabilities that could allow an unauthenticated, remote attacker to crash vulnerable installations. According to Cisco …

Critical Apache Struts flaw opens enterprises to compromise, patch ASAP!

A critical remote code execution vulnerability (CVE-2018-11776) in Apache Struts, the popular open source framework for developing Java-based web apps, could allow remote …

Secure your open source components automatically, continuously, and silently

In this podcast recorded at Black Hat USA 2018, Azi Cohen, General Manager at WhiteSource, talks about open source lifecycle management. WhiteSource manages open source …

Who’s trying to eavesdrop on your customers’ encrypted mobile traffic?

The number one source of TLS/SSL Man in the Middle (MitM) attacks on encrypted mobile traffic is not corporate firewalls or captive portals used by hotels, airports and other …

Social Mapper: A free tool for automated discovery of targets’ social media accounts

Trustwave has released Social Mapper, an open source tool that automates the process of discovering individuals’ social media accounts. How Social Mapper works The tool …

WhiteSource unveils free open source Vulnerability Checker

WhiteSource announced the release of its Vulnerability Checker, a free tool that provides companies with immediate, real-time alerts on the 50 most critical open source …

Researchers open source tools to identify Twitter bots at scale

Duo Security published technical research and methodology detailing how to identify automated Twitter accounts, known as bots, at a mass scale. Using machine learning …

ZDI offers hefty bounties for zero-days in popular web servers, CMSes

The Trend Micro-backed Zero Day Initiative is asking bug hunters to look for zero-day RCE vulnerabilities in several open source server-side products and is ready to pay up to …
