Security News

Blender has confirmed that recent site outages have been caused by ongoing DDoS attacks that started on Saturday. "Since last Saturday, 18 November, the blender.org servers are under a DDoS attack; bringing down our servers by overloading them with requests," reads the announcement.

Best EDR Of The Market is a user-mode endpoint detection and response project designed to serve as a testing ground for understanding and bypassing EDR's user-mode detection methods. These techniques are mainly based on a dynamic analysis of the target process state,.

PolarDNS is a specialized authoritative DNS server that allows the operator to produce custom DNS responses suitable for DNS protocol testing purposes. DNS header malformations Injection of unsolicited records Injection of arbitrary bytes of arbitrary lengths.

Wireshark, the popular network protocol analyzer, has reached version 4.2.0. Wireshark 4.2.0: Notable changes Wireshark supports dark mode on Windows. Packet list sorting has been improved....

HARmor is an open-source tool that sanitizes HTTP Archive files. Easy to install and run, it enables the safe handling and sharing of HAR files.

Open-source solution k0smotron is enterprise-ready for production-grade Kubernetes cluster management with two support options. The k0smotron operator is deployed onto an existing Kubernetes cluster, designated as the management cluster similar to a "Mothership," that orchestrates and provides control plane services on demand.

GitHub Advanced Security gains AI features, and GitHub Copilot now includes a chatbot option. At the GitHub Universe conference held in San Francisco and virtually on Nov. 8 and Nov. 9, 2023, the company revealed its new open source trends report as well as changes to GitHub Copilot and AI enhancements for GitHub Advanced Security.

Flaws in the vulnerability disclosure process of open-source projects could be exploited by attackers to harvest the information needed to launch attacks before patches are made available, Aqua Security researchers worry. "Half-day" vulnerabilities are known to the maintainer and information about them is publicly exposed on GitHub or the National Vulnerability Database, but there's still no official fix.

The Aqua Trivy open-source scanner now supports vulnerability scanning for Kubernetes components and Kubernetes Bill of Materials generation. Now, companies can better understand the components within their Kubernetes environment and how secure they are to reduce risk.

Targeted at the DevSecOps practitioner or platform engineer, Kubescape, the open-source Kubernetes security platform has reached version 3.0. Reporting on the vulnerabilities of all the images in a cluster: This provides a comprehensive view of the security posture of all the images in a cluster and helps organizations prioritize remediation efforts.