Security News

Monocle is open-source tooling backed by a large language model for performing natural language searches against compiled target binaries. Monocle can be provided with a binary and search criteria, and it will decompile the binary to identify and score areas of the code that meet the criteria.

Recently the Office of the Director of National Intelligence (ODNI) unveiled a new strategy for open-source intelligence (OSINT) and referred to OSINT as the “INT of first resort”. Public and...

Please turn on your JavaScript for this page to function normally. Secator is an open-source task and workflow runner tailored for security assessments.

More than half of open-source projects contain code written in a memory-unsafe language, a report from the U.S.'s Cybersecurity and Infrastructure Security Agency has found. "Hence, we determine that most critical open source projects analysed, even those written in memory-safe languages, potentially contain memory safety vulnerabilities," wrote the authors.

Portainer Community Edition is an open-source, lightweight service delivery platform for containerized applications. "I created Portainer, initially for my own needs. Back in 2016 I was operating a Public Cloud provider in Asia, and wanted to offer a Container as a Service solution to market. At the time, that meant Docker. There were no Cloud Provider management UI's for Docker then, so I created Portainer to act as such. In a way, Portainer enabled a domestic market version of AWS ECS before ECS was popular. However, Portainer quickly took on a life of its own. I open-sourced the UI, which was"discovered" and blogged about, and it took off.

Open-source Rafel RAT steals info, locks Android devices, asks for ransomThe open-source Rafel RAT is being leveraged by multiple threat actors to compromise Android devices and, in some cases, to lock them, encrypt their contents, and demand money to restore the device to its original state. Future trends in cyber warfare: Predictions for AI integration and space-based operationsIn this Help Net Security interview, Morgan Wright, Chief Security Advisor at SentinelOne, discusses how AI is utilized in modern cyber warfare by state and non-state actors.

Gitleaks is an open-source SAST tool designed to detect and prevent hardcoded secrets such as passwords, API keys, and tokens in Git repositories. With more than 15 million Docker downloads, 16,200 GitHub stars, 7 million GitHub downloads, thousands of weekly clones, and over 700,000 Homebrew installs, Gitleaks is one of the most trusted secret scanners among security professionals, enterprises, and developers.

The U.S. Cybersecurity and Infrastructure Security Agency has published research looking into 172 key open-source projects and whether they are susceptible to memory flaws. The report, cosigned by CISA, the Federal Bureau of Investigation, as well as Australian and Canadian organizations, is a follow-up to the 'Case for Memory Safe Roadmaps' released in December 2023, aimed at raising awareness about the importance of memory-safe code.

Unlike an active security device such as a firewall, Zeek operates on a versatile 'sensor' that can be a hardware, software, virtual, or cloud platform. This flexibility allows Zeek to quietly monitor network traffic, interpret it, and generate transaction logs, file content, and customized output.

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.