Security News
MITRE Caldera for OT is now publicly available as an extension to the open-source Caldera platform, allowing security teams to run automated adversary emulation exercises that are specifically focused on threats to operational technology. The first Caldera for OT extensions were developed in partnership between the Homeland Security Systems Engineering and Development Institute, a federally funded research and development center that is managed and operated by MITRE for the Department of Homeland Security, and the Cybersecurity and Infrastructure Security Agency to increase the resiliency of critical infrastructure.
Reaper is an open-source reconnaissance and attack proxy, built to be a modern, lightweight, and efficient equivalent to Burp Suite/ZAP. It focuses on automation, collaboration, and building universally distributable workflows. Reaper is a work in progress, but it's already capable of much.
The U.S. Office of the National Cyber Director released a request for information entitled Open-Source Software Security: Areas of Long-Term Focus and Prioritization, which indicates that the U.S. Government's effort to invest in open-source software and security continues to pick up steam. In this Help Net Security video, Luis Villa, General Counsel at Tidelift, discusses how the RFI is a clear call to open source experts and industry leaders that the best ideas for how the government can make the entire open source ecosystem more healthy and secure are top of mind.
Velociraptor is a sophisticated digital forensics and incident response tool designed to improve your insight into endpoint activities. Velociraptor enables you to conduct precise and rapid collection of digital forensic data across multiple endpoints simultaneously.
Bitwarden, the maker of the popular open-source password manager tool, has released 'Secrets Manager,' an end-to-end encrypted secrets manager for IT professionals, software development teams, and the DevOps industry. The problem is so widespread that GitHub launched a system that would alert repository owners of misconfigurations leading to the exposure of secrets, and independent security researchers wrote open-source tools dedicated to scanning for secrets in publicly exposed AWS S3 storage buckets.
Open-Source Intelligence refers to gathering, assessing, and interpreting public information to address specific intelligence queries. The OWASP Amass project performs network mapping of attack surfaces and external asset discovery using open-source information gathering and active reconnaissance techniques.
A consortium led by Splunk and AWS are hoping to fix this by standardizing how events are noted in logs, reducing the burden on security teams to decipher alerts they receive from multiple tools and vendors. Last week at Black Hat, security vendor Splunk announced the general availability of the Open Cybersecurity Schema Framework.
Ukraine is warning of a wave of attacks targeting state organizations using 'Merlin,' an open-source post-exploitation and command and control framework. Merlin is a Go-based cross-platform post-exploitation toolkit available for free via GitHub, offering extensive documentation for security professionals to use in red team exercises.
Open source project Moq (pronounced "Mock") has drawn sharp criticism for quietly including a controversial dependency in its latest release. Moq's 4.20.0 release from this week included another...
SandboxAQ launched Sandwich, an open-source framework that simplifies modern cryptography management and enables developers to steer their organizations towards cryptographic agility. With a unified API, Sandwich empowers developers to embed the cryptographic algorithms of their choice directly into their applications and change them as technologies and threats evolve - without rewriting code.