open source
OpenEMR flaw leaves millions of medical records exposed to attackers
A vulnerability in the free, open source electronic medical record and medical practice management software OpenEMR can be exploited to steal patients’ medical records …
Are your connected devices searchable on the Internet?
Despite being a hub for technology talent, Berliners are leaving themselves wide open to cyberattack through poor security practices that are exposing millions of cyber …
PowerDNS patches five security holes in widely used nameserver software
PowerDNS, the company behing the popular open source DNS software of the same name, has pushed out security updates and patches for its Authoritative Server and Recursor …
GitHub starts alerting developers of security vulnerabilities in dependencies
Popular Git repository hosting service GitHub has introduced a new feature to help developers keep their projects safer: security alerts for vulnerabilities in software …
Tor Browser flaw leaks users’ real IP address
The Tor Project has issued an emergency security bugfix release of Tor Browser, to prevent user IP address leakage due to a still unpatched Firefox bug. The bug is present …
FireEye releases open source managed password cracking tool
FireEye has released GoCrack, an open source tool for managing password cracking tasks across multiple machines. “Simply deploy a GoCrack server along with a worker on …
Camera-based, single-step two-factor authentication resilient to pictionary, shoulder surfing attacks
A group of researchers from Florida International University and Bloomberg LP have created Pixie, a camera-based two-factor authentication system that could end up being a …
Ubuntu 17.10 brings enhanced security and productivity for developers
Canonical released Ubuntu 17.10 featuring a new GNOME desktop on Wayland, and new versions of KDE, MATE and Budgie. On the cloud, 17.10 brings Kubernetes 1.8 for hyper-elastic …
The pervasive risk of vulnerable open source components
Veracode announced findings from the 2017 State of Software Security Report, a comprehensive review of application security testing data from scans conducted by a base of more …
Companies turn a blind eye to open source risk
Though open source software (OSS) helps software suppliers be nimble and build products faster, there are hidden software supply chain risks all software suppliers and IoT …
PoC for several Magento vulnerabilities released, update now!
DefenseCode has published proof of concept code for two CSRF and stored XSS vulnerabilities affecting a number of versions of the popular e-commerce platform Magento. Magento …
Widely used DNS forwarder and DHCP server Dnsmasq riddled with flaws
Google researchers have discovered seven serious vulnerabilities in Dnsmasq, a lightweight, widely used DNS forwarder and DHCP server for small computer networks. Dnsmasq is …