In wake of Log4j crisis, Tidelift’s open-source solution eliminates hidden code vulnerabilities
There’s a great cartoon that sums up the state of modern software. Titled “Dependency,” it shows a mass of digital infrastructure …
Open Source
EU launches bug bounty programs for five open source solutions
The European Union is, once again, calling on bug hunters to delve into specific open source software and report bugs. This time around, …
Unusual ‘Donald Trump’ Packer Malware Delivers RATs, Infostealers
A new .NET malware packer being used to deliver a variety of remote access trojans (RATs) and infostealers has a fixed password named after …
Open Source Democratized Software. Now Let’s Democratize Security
Today, anyone can contribute to some of the world’s most important software platforms and frameworks, such as Kubernetes, the Linux …
‘Now’ would be the right time to patch Ubuntu container hosts and ditch 21.04 thanks to heap buffer overflow bug
The CVE-2022-0185 vulnerability in Ubuntu is severe enough that Red Hat is also advising immediate patching. The flaw allows a process …
The Drawbacks of a SOAR
We’ve said it before, and we’ll say it again: Security Orchestration, Automation and Response (SOAR) platforms are great tools for …
Open Source Security at the White House
There’s no question that open source security and supply chain security has become top of mind issues in the aftermath of the Apache …
Google says open source software should be more secure
In conjunction with a White House meeting on Thursday at which technology companies discussed the security of open source software, Google …
Google calls on U.S. government to do more to secure critical open-source software
After meeting with White House officials Thursday, Google LLC has called for the U.S. government to take on a more proactive role in …
Oxeye Introduce Open Source Payload Deobfuscation Tool
Ox4Shell exposes hidden payloads thatare actively being used to confuse security protection tools and security …
No Software Required: Raspberry Pi Uses Electromagnetic Waves to Detect Malware
A team at France’s Research Institute of Computer Science and Random Systems developed a novel way to detect malware that does not require …
How to De-Risk Your Work with Personal Data
In a previous article, I explained how you can define risks for your information assets. In this article, I will run you through the risks …
Salt Security Finds Serious GraphQL API Security Hole
GraphQL, the open source query language for application programming interfaces (APIs), is very powerful. With great power comes great …
What Does 2022 Have in Store for Cybersecurity and Cloud Security Specialists?
Cloud adoption and industry transformation are accelerating as the world looks for efficiency. Let’s face it, 2022 promises to be another …