Malicious macros can trigger RCE in LibreOffice, OpenOffice
Achieving remote code execution on systems running LibreOffice or Apache OpenOffice might be as easy as tricking users into opening a malicious ODT (OpenDocument) file and …
open source
Companies getting serious about AI and analytics, 58% are evaluating data science platforms
New O’Reilly research found that 58 percent of today’s companies are either building or evaluating data science platforms – which are essential for companies that are …
EU launches bug bounties on free and open source software
After setting up a bug bounty program for VLC Media Player in late 2017, the European Commission (EC) has announced the launch of 14 new ones that will cover other free and …
Critical Kubernetes privilege escalation flaw patched, update ASAP!
A critical privilege escalation vulnerability affecting the popular open source cluster management and container orchestration software Kubernetes has been patched on Monday. …
For recent big data software vulnerabilities, botnets and coin mining are just the beginning
The phrase “with great power comes great responsibility” was excellent advice when Ben Parker said it to his nephew Peter, aka Spiderman. It is even more …
Cybersecurity and ethical data management: Getting it right
Data can provide information, information can lead to insight and knowledge, and knowledge is power. It’s no wonder, then, that seemingly everybody in this modern, …
VirtualBox Guest-to-Host escape 0day and exploit released online
Independent vulnerability researcher Sergey Zelenyuk has made public a zero-day vulnerability he discovered in VirtualBox, the popular open source virtualization software …
Apache Struts 2.3.x vulnerable to two year old RCE flaw
The Apache Software Foundation is urging users that run Apache Struts 2.3.x to update the Commons FileUpload library to close a serious vulnerability that could be exploited …
Netflix releases desktop versions of device security app Stethoscope
In early 2017, the Netflix team open sourced Stethoscope, an application that collects information about users’ devices and provides them with recommendations for securing …
Repairnator bot finds software bugs, successfully submits patches
Can a bot create valid, high-quality fixes for software bugs more rapidly than a human can, and get them accepted by human developers and permanently merged in the code base? …
