Security News
The U.S. Cybersecurity and Infrastructure Security Agency has published research looking into 172 key open-source projects and whether they are susceptible to memory flaws. The report, cosigned by CISA, the Federal Bureau of Investigation, as well as Australian and Canadian organizations, is a follow-up to the 'Case for Memory Safe Roadmaps' released in December 2023, aimed at raising awareness about the importance of memory-safe code.
Unlike an active security device such as a firewall, Zeek operates on a versatile 'sensor' that can be a hardware, software, virtual, or cloud platform. This flexibility allows Zeek to quietly monitor network traffic, interpret it, and generate transaction logs, file content, and customized output.
Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.
The open-source Rafel RAT is being leveraged by multiple threat actors to compromise Android devices and, in some cases, to lock them, encrypt their contents, and demand money to restore the device to its original state. Check Point researchers have observed around 120 different malicious campaigns leveraging the malware, hitting devices around the world, but primarely in the US, China, India and Indonesia.
Multiple threat actors, including cyber espionage groups, are employing an open-source Android remote administration tool called Rafel RAT to meet their operational objectives by masquerading it...
Cilium is an open-source, cloud-native solution that leverages eBPF technology in the Linux kernel to provide, secure, and monitor network connectivity between workloads. eBPF is a technology originating from the Linux kernel that allows sandboxed programs to run in a privileged context, such as the operating system kernel.
SELKS is a free, open-source, turnkey solution for Suricata-based network intrusion detection and protection, network security monitoring, and threat hunting. Since all the data in SELKS is generated by the Suricata engine, it is popular among network security practitioners who explore the capabilities of Suricata IDS/IPS/NSM and analyze the network protocol monitoring logs and alerts it generates.
In this Help Net Security interview, Alan DeKok, CEO at NetworkRADIUS, discusses the need for due diligence in selecting and maintaining open-source tools, and brings out the potential risks and benefits of collaborating with the open-source community to enhance software security. Un-vetted open-source tools can certainly reduce system security.
Ghidra, a cutting-edge open-source software reverse engineering framework, is a product of the National Security Agency Research Directorate. The framework features high-end software analysis tools, enabling users to analyze compiled code across various platforms, including Windows, macOS, and Linux.
Cloud identity protection company Permiso has created YetiHunter, a threat detection and hunting tool companies can use to query their Snowflake environments for evidence of compromise. Cloud-based data storage and analytics company Snowflake has recently stated that attackers have accessed accounts of some of its customers by leveraging compromised credentials.