Open Source

Open Source news, information, and how-to advice

strata apache spot hadoop
mystery myth

delete key

New ransomware threat deletes files from Linux web servers

A destructive ransomware program deletes files from web servers and asks administrators for money to return them, though it's not clear if attackers can actually deliver on this promise.

young man in plaid shirt holding pile of cash money

New Mozilla fund will pay for security audits of open-source code

A new Mozilla fund, called Secure Open Source, aims to provide security audits of open-source code, following the discovery of key security bugs like Heartbleed and Shellshock in key pieces of the software.

app security

Your open source security problem is worse than you think

Sixty-seven percent of applications reviewed by Black Duck Software contained known open source security vulnerabilities.

internet security

Apache incubating project promises new Internet security framework

The newly announced Apache Milagro (incubating) project seeks to end to centralized certificates and passwords in a world that has shifted from client-server to cloud, IoT and containerized applications.

cyber security

OpenSSL patches two high-severity flaws

Versions 1.0.2h and 1.0.1t of the cryptographic library also patch several more bugs of lesser impact

A mug with the words GitHub Social Coding

19 open source GitHub projects for security pros

GitHub has a ton of open source options for security professionals, with new entries every day. Add these tools to your collection and work smarter

clamps tools

Why security DIY might be exactly what you need

James K. Adamson shares a unique take on the rise of security DIY, why it benefits you, and how to get started

board16ibmsynapsechips

Infiltrate take aways for a security newb

Across security sectors, offensive hackers offer tactics to prevent an attack

closed barriers

Open-source vulnerabilities database shuts down

An open-source project dedicated to cataloguing a huge range of computer security flaws has closed its doors as of Tuesday, according to an announcement on the Open-Source Vulnerability Database’s blog.

160302 pentagon

Feds tackle open source code quality

Even as the White House is calling on federal agencies to make more use of open source projects, there's also a federal effort under way to reduce the number of vulnerabilities in those products via better code review tools and bug...

3648438218 2ecc0c3414 o

Public concerned about security flaws in government open source code

Earlier this month, the White House released a draft of an open source code policy for public review which would require agencies to share code with each other and with the public, but some experts are concerned about possible...

drown attack logo SSLv2

OpenSSL update fixes DROWN vulnerability

The DROWN attack decrypts TLS sessions on servers supporting SSL v2 and using RSA key exchange

open source

Open source security is not as big of a concern as it once was

Some shops are willing to go away from proprietary software for even the most precious data.

waiting in line

To queue or not to queue, that is the PCI question

In the first of this three-part series, I will detail issues surrounding message queuing and how to ensure it doesn’t break your PCI DSS compliance effort.

best open source email security 1

REVIEW: MailScanner and ScrolloutF1 are standouts in open source email security

It should then come as no surprise that a significant industry has grown up around the serious business of containing email threats. We decided to review four open source products to see if they could deliver enterprise-grade...

best open source email security 1

Best open source email security products

Malware can worm its way into the network and wreak various kinds of havoc, often undetected, sometimes for months or even years. We reviewed four open source products to see if they could deliver enterprise-grade security. The four...

backspace key

Vulnerability in popular bootloader puts locked-down Linux computers at risk

Pressing the backspace key 28 times can bypass the Grub2 bootloader's password protection and allow a hacker to install malware on a locked-down Linux system.

villain

Politicians have fractured views on encryption

After the tragic events in Paris in November 2015 we have seen an ever growing chorus of politicians that have been tub thumping for a chance to outlaw encryption. As I've discussed previously I find this patently odd. The...

Load More
You Might Also Like