Security News

Fleek launches Space, an open source, private file storage and collaboration platform
2020-10-01 15:50

Fleek has announced the launch of Space, an open source, private file storage, sharing, and collaboration platform built on top of the distributed web stack, including Filecoin, IPFS, and Textile. Space's mission is to enable a fully private, peer to peer file and work collaboration experience for users.

Microsoft claims to love open source – this alleged leak of Windows XP code is probably not what it had in mind, tho
2020-09-25 18:39

The source code for Windows XP and other elderly Microsoft operating systems appears to have leaked online as the mega-corp's Ignite developer shindig came to an end. The source of the alleged code leak is unclear; a torrent for the archive popped up on internet armpit 4chan and contains what appears to be Windows XP Service Pack 1, as well as some other past-their-sell-by-date flavours of Microsoft's greatest hits.

Microsoft open-sources tool that enables continuous developer-driven fuzzing
2020-09-16 10:31

Microsoft has open-sourced OneFuzz, its own internal continuous developer-driven fuzzing platform, allowing developers around the world to receive fuzz testing results directly from their build system. Fuzzing is an automated software testing technique that involves entering random, unexpected, malformed and/or invalid data into a computer program.

Microsoft open-sources fuzzing tool it uses in-house to keep Windows so very secure
2020-09-16 06:33

Microsoft has open-sourced the fuzzing tool it uses to scour its own code for potential security vulnerabilities. The tool Microsoft has released is called "OneFuzz" and the company says it is "The testing framework used by Microsoft Edge, Windows, and teams across Microsoft is now available to developers around the world."

Microsoft Releases Open Source Fuzzing Framework for Azure
2020-09-15 16:17

Microsoft on Tuesday announced the release of Project OneFuzz, an open source fuzzing framework for Azure that the tech giant has been using internally for the past year to find and patch bugs. Project OneFuzz, which Microsoft describes as an extensible fuzz testing framework, is designed to address some of the challenges typically associated with fuzzing, enabling developers to conduct this type of testing themselves and allowing security engineers to focus on other important tasks.

RedCommander: Open source tool for red teaming exercises
2020-09-03 04:00

GuidePoint Security released a new open source tool that enables a red team to easily build out the necessary infrastructure. The RedCommander tool solves a major challenge for red teams around the installation and operationalization of infrastructure by combining automation scripts and other tools into a deployable package.

prpl Foundation prplMesh software stack includes open-source code for both Agent and Controller
2020-08-27 01:30

Prpl Foundation announced the release of its prplMesh software stack, eligible for Wi-Fi Alliance certification as Release 1, for both Agent and Controller. The prplMesh release includes open-source code for both Agent and Controller, providing a complete EasyMesh network.

GrammaTech Releases Open Source API Security Tool
2020-08-26 15:31

Application security testing company GrammaTech announced on Wednesday that it has released an open source tool designed to detect API usage errors. The tool, named SWAP Detector, was developed as part of a research project sponsored by the U.S. Department of Homeland Security and GrammaTech says it can be highly useful for DevOps application security testing.

Swap Detector: Open source tool for detecting API usage errors
2020-08-26 12:55

GrammaTech has released Swap Detector, an open source tool that enables developers and DevOps teams to identify errors due to swapped function arguments, which can also be present in deployed code. API usage errors are a common source of security and reliability vulnerabilities.

Adobe Open Sources Tool for Sanitizing Logs, Detecting Exposed Credentials
2020-08-21 13:41

Adobe has made available in open source a tool designed to identify randomly generated strings in any plain text. Dubbed Stringlifier, the tool was written in Python and leverages machine learning to differentiate random character sequences from normal text sequences.