Security News

Google this week announced that it has released open source tools and libraries that can be used by developers to implement fully homomorphic encryption. FHE enables the processing of encrypted data without providing access to the actual data.

CloudLinux announced UChecker, a free open source tool that scans Linux servers for vulnerable libraries that are outdated and being used by other applications. This provides detailed actionable information regarding which application is using which vulnerable library and needs to be updated, which helps improve the security awareness patching process.

The role DNS plays in network securityNew EfficientIP and IDC research sheds light on the frequency of the different types of DNS attack and the associated costs for the last year throughout the COVID-19 pandemic. New Google tool reveals dependencies for open source projectsGoogle has been working on a new, experimental tool to help developers discover the dependencies of the open source packages/libraries they use and known security vulnerabilities they are currently sporting.

IonQ announced the full integration of its quantum computing platform with Cirq, an open-source quantum computing framework from Google. "From its origins, the vision for Cirq was to expand access to quantum computing to even broader audiences," said Dave Bacon, VP of Software at IonQ. "As a developer myself, I know that a smoother, simpler implementation is a better implementation, one that will be more useful in the real world. Volkswagen has shown that developing in Cirq on IonQ has real benefits for real problems faced by development teams."

Organizations have been warned about denial of service vulnerabilities found in RabbitMQ, EMQ X and VerneMQ, three widely used open source message brokers. Message brokers enable applications, systems and services to communicate with each other and exchange information by translating messages between formal messaging protocols.

Synopsys Cybersecurity Research Centre has warned of easily triggered denial-of-service vulnerabilities in three popular open-source Internet of Things message brokers: RabbitMQ, EMQ X, and VerneMQ. The message brokers, responsible for handling data sent to or from IoT devices like smart home hubs and door locks, all share a common protocol: Message Queuing Telemetry Transport, first released in 1999 for monitoring oil pipelines and since repurposed for a variety of home and industrial automation tasks. Any disruption in MQTT messaging could potentially leave users locked out of their homes and offices.

Google has launched a new experimental tool designed to help application developers visualize the dependencies of open source projects. In an effort to help developers gain a better perspective into the packages their open-source projects rely on, Google has introduced Open Source Insights, an exploratory visualization site that offers a view of dependencies, in an organized and accessible way.

Google has been working on a new, experimental tool to help developers discover the dependencies of the open source packages/libraries they use and known security vulnerabilities they are currently sporting. Open Source Insights is a Google Cloud Platform-hosted tool that's accessible via a website into which users can enter the name of specific open source packages and get an overview of how they are put together.

Last year, the man Down Under announced plans to make key portions of the system open source for others to pick up, use, and improve. Now the Pwned Passwords code base is available from GitHub under a BSD three-clause license.

The AlmaLinux OS Foundation announced availability of AlmaLinux OS 8.4 just one week after the release of Red Hat Enterprise Linux 8.4. "This is our second stable release, since the project was announced in December," said Jack Aboutboul, community manager of AlmaLinux.