open source
Three best practices for responsible open source usage in the COVID-19 era
COVID-19 has forced developer agility into overdrive, as the tech industry’s quick push to adapt to changing dynamics has accelerated digital transformation efforts and …
With database attacks on the rise, how can companies protect themselves?
Misconfigured or unsecured databases exposed on the open web are a fact of life. We hear about some of them because security researchers tell us how they discovered them, …
GitHub envisions a world with fewer software vulnerabilities
After five months in beta, the GitHub Code Scanning security feature has been made generally available to all users: for free for public repositories, as a paid option for …
In the era of AI, standards are falling behind
According to a recent study, only a minority of software developers are actually working in a software development company. This means that nowadays literally every company …
Nmap 7.90 released: New fingerprints, NSE scripts, and Npcap 1.0.0
Over a year has passed since Nmap had last been updated, but this weekend Gordon “Fyodor” Lyon announced Nmap 7.90. About Nmap Nmap is a widely used free and …
The biggest cyber threats organizations deal with today
Microsoft has released a new report outlining enterprise cyberattack trends in the past year (July 2019 – June 2020) and offering advice on how organizations can protect …
Offensive Security releases Win-KeX 2.0, packed with new features
Win-KeX provides a Kali Desktop Experience for Windows Subsystem for Linux (WSL 2), and version 2.0 comes with useful features. Win-KeX 2.0 features Win-KeX SL (Seamless …
Microsoft open-sources tool that enables continuous developer-driven fuzzing
Microsoft has open-sourced OneFuzz, its own internal continuous developer-driven fuzzing platform, allowing developers around the world to receive fuzz testing results …
Plan for change but don’t leave security behind
COVID-19 has upended the way we do all things. In this interview, Mike Bursell, Chief Security Architect at Red Hat, shares his view of which IT security changes are ongoing …
Popular Android apps are rife with cryptographic vulnerabilities
Columbia University researchers have released Crylogger, an open source dynamic analysis tool that shows which Android apps feature cryptographic vulnerabilities. They also …
RedCommander: Open source tool for red teaming exercises
GuidePoint Security released a new open source tool that enables a red team to easily build out the necessary infrastructure. The RedCommander tool solves a major challenge …
Swap Detector: Open source tool for detecting API usage errors
GrammaTech has released Swap Detector, an open source tool that enables developers and DevOps teams to identify errors due to swapped function arguments, which can also be …