Software

CrowdSec: Open-source security solution offering crowdsourced protection

September 18, 2024 add comment
Crowdsec is an open-source solution that offers crowdsourced protection against malicious IPs. CrowdSec features For this project, the developers have two objectives: Provide free top-quality intrusion detection and protection... Read more »

Detecting vulnerable code in software dependencies is more complex than it seems

September 18, 2024 add comment
In this Help Net Security interview, Henrik Plate, CISSP, security researcher, Endor Labs, discusses the complexities AppSec teams face in identifying vulnerabilities within software dependencies. Plate also discusses the... Read more »

EchoStrike: Generate undetectable reverse shells, perform process injection

September 16, 2024 add comment
EchoStrike is an open-source tool designed to generate undetectable reverse shells and execute process injection on Windows systems. “EchoStrike allows you to generate binaries that, when executed, create an... Read more »

Compliance frameworks and GenAI: The Wild West of security standards

September 16, 2024 add comment
In this Help Net Security interview, Kristian Kamber, CEO at SplxAI, discusses how security challenges for GenAI differ from traditional software. Unlike predictable software, GenAI introduces dynamic, evolving threats,... Read more »

Three Quarters of Dependency Vulnerability Patches Lead to Breakages, Report Finds

September 12, 2024 add comment
Minor updates break clients 94% of the time, while version upgrades cause issues 95% of the time, according to Endor Labs researchers. Read more »

VirtualBox 7.1: This is a major update, here’s what’s new

September 12, 2024 add comment
VirtualBox is a full virtualizer for x86 hardware designed for servers, desktops, and embedded systems. VirtualBox 7.1 introduces an enhanced user interface, cloud VM management, ARM support, Wayland compatibility,... Read more »

DockerSpy: Search for images on Docker Hub, extract sensitive information

September 11, 2024 add comment
DockerSpy scans Docker Hub for images and retrieves sensitive information, including authentication secrets, private keys, and other confidential data. “DockerSpy was created to address the growing concern of sensitive... Read more »

Patch Tuesday for September 2024: Microsoft Catches Four Zero-Day Vulnerabilities

September 10, 2024 add comment
A Mark of the Web security alert vulnerability and three others have been exploited in the wild and are now covered by Redmond’s monthly patch batch. Read more »

Microsoft Is Disabling Default ActiveX Controls in Office 2024 to Improve Security

September 10, 2024 add comment
Microsoft has been on the warpath against legacy Office features that are providing entry points for bad actors since 2018. Read more »

33 open-source cybersecurity solutions you didn’t know you needed

September 10, 2024 add comment
Open-source cybersecurity tools provide transparency and flexibility, allowing users to examine and customize the source code to fit specific security needs. These tools make cybersecurity accessible to a broader... Read more »
Subscribe to our Newsletter