Security News

Open-source Cobalt Strike port 'Geacon' used in macOS attacks
2023-05-16 12:10

Geacon, a Go-based implementation of the beacon from the widely abused penetration testing suite Cobalt Strike, is being used more and more to target macOS devices. Both Geacon and Cobalt Strike are utilities that legitimate organizations use to simulate attacks against their networks and improve defenses, but threat actors have also relied on them for attacks.

Kubernetes Bill of Materials (KBOM) open-source tool enhances cloud security response to CVEs
2023-05-10 06:16

Kubernetes Security Operations Center released the first-ever Kubernetes Bill of Materials standard. While the Software Bill of Materials has moved forward to the point of being a formal part of the NIST requirements mandated by the US federal government in federal purchases, this requirement falls short of the deployment stage in the application development lifecycle, where Kubernetes comes into play.

Detecting data theft with Wazuh, the open-source XDR
2023-05-08 14:05

Data theft is the act of stealing data stored in business databases, endpoints, and servers. Wazuh is a free and open source enterprise-ready security solution that provides unified SIEM and XDR protection across several workloads.

Universal Data Permissions Scanner: Open-source tool to overcome data authorization blindspots
2023-05-05 04:00

Satori released Universal Data Permissions Scanner, a free, open-source tool that enables companies to understand which employees have access to what data, reducing the risks associated with overprivileged or unauthorized users and streamlining compliance reporting. The Universal Data Permissions Scanner simplifies the complexity associated with authorization.

Unpaid open source maintainers struggle with increased security demands
2023-05-04 03:00

"Since almost all organizations rely heavily on open source in their applications, this new data demonstrates the increasing need to compensate and support the maintainers responsible for the health and security of the critical open source components we all depend on," said Donald Fischer, CEO, Tidelift. "Maintainers are being held accountable for keeping their projects secure and adhering to new standards, but are often not being recognized or paid for the additional work they are being asked to do. By addressing this inconsistency, we can ensure maintainers will continue their important work improving the security and long-term resilience of the open source software supply chain powering government and industry," Fischer continued.

Tython: Open-source Security as Code framework and SDK
2023-05-03 04:00

Security teams must adopt automation and incorporate security measures into code to keep up with quickly evolving software development. Tython allows security teams to build custom security reference architectures and design patterns as code.

GitHub introduces private vulnerability reporting for open source repositories
2023-04-27 08:34

GitHub has announced that its private vulnerability reporting feature for open source repositories is now available to all project owners. The private vulnerability reporting feature provides a direct collaboration channel that allows researchers to more easily report vulnerabilities, and maintainers to easily fix them.

The double-edged sword of open-source software
2023-04-25 03:00

The lack of visibility into the software supply chain creates an unsustainable cycle of discovering vulnerabilities and weaknesses in software and IT systems, overwhelming organizations, according to Lineaje. The analysis revealed that 68% of dependencies are on non-Apache Software Foundation open-source projects.

Security beyond software: The open source hardware security evolution
2023-04-19 04:30

Recognition of the importance of hardware security, upon which all software security is built, is also growing. To fight increasingly sophisticated security threats, more advanced security safeguards are expected to emerge at the hardware level.

Google Uncovers APT41's Use of Open Source GC2 Tool to Target Media and Job Sites
2023-04-17 11:46

A Chinese nation-state group targeted an unnamed Taiwanese media organization to deliver an open source red teaming tool known as Google Command and Control amid broader abuse of Google's infrastructure for malicious ends. The starting point of the attack is a phishing email that contains links to a password-protected file hosted on Google Drive, which, in turn, incorporates the GC2 tool to read commands from Google Sheets and exfiltrate data using the cloud storage service.