open source
USBFILTER: Packet-level firewall for blocking USB-based threats
The problem of planted malicious USB devices is compounded by the fact that, no matter what, users will rarely stop to think and ultimately choose not to insert them because …
In limiting open source efforts, the government takes a costly gamble
The vast majority of companies are now realizing the value of open sourcing their software and almost all have done so for at least certain projects. These days Google, …
How the EFF was pushed to rethink its Secure Messaging Scorecard
As good as the idea behind Electronic Frontier Foundation’s Secure Messaging Scorecard is, its initial version left much to be desired. The idea was to provide a …
FlockFlock: File access enforcement for macOS
The more serious you are about information security, the more you realize it’s difficult to be sure a system isn’t compromised. While malware authors don’t target the Mac …
Photo gallery: Black Hat USA 2016 Arsenal
Black Hat USA 2016 is underway at Las Vegas, and here are a few photos from the Arsenal, where the open source community demonstrates tools they develop and use in their daily …
MineMeld: The “Swiss army knife” of threat intelligence feeds
Palo Alto Networks has made publicly available MineMeld, an open source, community supported framework that can simply your consumption and sharing of threat intelligence. …
Android Tamer: Virtual platform for Android security professionals
Android Tamer is a free and open source Swiss army knife type of tool for Android security. The recently released version 4 moves towards Debian package compatibility. Users …
FCC orders TP-Link to allow third-party firmware on their routers
The Federal Communications Commission’s Enforcement Bureau has reached a $200,000 settlement with TP-Link in regards to selling in the US routers that could operate at output …
ThreadFix: Software vulnerability aggregation and management system
ThreadFix is a software vulnerability aggregation and management system that helps organizations aggregate vulnerability data, generate virtual patches, and interact with …
Intel Crosswalk bug invalidates SSL protection
A bug in the Intel Crosswalk Project library for cross-platform mobile development can open users to man-in-the-middle attacks, researchers from Nightwatch Cybersecurity have …
Nishang: Using PowerShell for penetration testing
Nishang is a framework, and a collection of scripts and payloads which enables PowerShell usage for offensive security, penetration testing and red teaming. The tool is the …
Needle iOS security testing tool to be unveiled at Black Hat Arsenal
In a session at Black Hat USA 2016 on Wednesday, Marco Lancini, Security Consultant at MWR InfoSecurity, will demonstrate publicly for the first time a new iOS security …
Featured news
Resources
Don't miss
- Inside Microsoft’s veteran-to-tech workforce pipeline
- Brakeman: Open-source vulnerability scanner for Ruby on Rails applications
- Incident response lessons learned the hard way
- Okta users under attack: Modern phishing kits are turbocharging vishing attacks
- One-time SMS links that never expire can expose personal data for years