software
Penetration tester develops AWS-based automated cracking rig
Building a custom cracking rig for research can be expensive, so penetration tester Max Ahartz built one on AWS. In this Help Net Security interview, he takes us through the …
CISO-approved strategies for software supply chain security
Integrating proprietary and open-source code, APIs, user interfaces, application behavior, and deployment workflows creates an intricate composition in modern applications. …
Enhancing open source security: Insights from the OpenSSF on addressing key challenges
In this Help Net Security interview, we meet a prominent industry leader. Brian Behlendorf, CTO at the Open Source Security Foundation (OpenSSF), shares insights on the …
Scammers exploit AI trend with fake ChatGPT apps on Google Play, Apple App Store
Sophos researchers uncovered multiple apps masquerading as legitimate, ChatGPT-based chatbots to overcharge users. These apps have popped up in the Google Play and Apple App …
Malicious open-source components threatening digital infrastructure
A new risk emerges in the digital era, where open-source software has become a fundamental pillar in developing innovative applications. The threat? Malicious open-source …
Universal Data Permissions Scanner: Open-source tool to overcome data authorization blindspots
Satori released Universal Data Permissions Scanner, a free, open-source tool that enables companies to understand which employees have access to what data, reducing the risks …
Unpaid open source maintainers struggle with increased security demands
Ensuring the security of the open-source software that modern organizations depend on is a crucial responsibility of the open source maintainers, especially as attacks on the …
Tython: Open-source Security as Code framework and SDK
Development teams utilize automation through Infrastructure as Code (IaC) to facilitate rapid and frequent changes to their cloud-native architectures. Security teams must …
Data backup, security alerts, and encryption viewed as top security features
Half of U.S. businesses say that security is the most influential factor when buying software, according to Capterra’s Security Features Survey. In fact, 45% have stopped …
Amazon Linux 2023: Create and execute cloud-based applications with enhanced security
AWS has been offering Amazon Linux, a cloud-optimized Linux distribution, since 2010. This distribution’s latest version is now available. Amazon Linux 2023 is provided …
Kali Linux 2023.1 released – and so is Kali Purple!
OffSec (formerly Offensive Security) has released Kali Linux 2023.1, the latest version of its popular penetration testing and digital forensics platform, and the release is …
Massive GitHub analysis reveals 10 million secrets hidden in 1 billion commits
GitGuardian scanned 1.027 billion new GitHub commits in 2022 (+20% compared to 2021) and found 10,000,000 secrets occurrences (+67% compared to 2022). What is interesting …