open source

Stethoscope spurs employees to implement better security practices
Every now and then, Netflix open sources some of the security tools created by its coders. The latest example of this is Stethoscope, a web application that collects …

Secure messaging app Wickr opens core crypto protocol to review
Wickr, the San Francisco-based company that’s behind the secure ephemeral messaging app of the same name, has published the core crypto protocol powering both the …

PacketTotal: Free online tool for analyzing packet captures
PacketTotal is a free tool for analyzing packet captures that has recently been offered to the infosec community. Available online, the tool is powered by a Python-based …

Facebook and GitHub test new account recovery option
Facebook and GitHub have partnered to provide GitHub users who employ two-factor authentication an easier way to recover access to their account in case they get locked out of …

Encrypted webmail service Lavabit relaunched
Lavabit, the secure encrypted webmail service used by Edward Snowden, is back online. Lavabit founder and operator Ladar Levison shut it down in 2013 when the US government …

Kali Linux certification, first official Kali book on the horizon
The Kali Linux distribution celebrates its 10th anniversary this year. The hugely popular open source project, maintained by Offensive Security, announced today that its new …

Open source cybersecurity framework for the automotive industry
A consortium of researchers announced the development of a universal, free, and open source framework to protect wireless software updates in vehicles. The team issued a …

Key Transparency: A secure directory of public encryption keys
Google has released Key Transparency, an open source public directory meant to simplify the discovery of intended recipients’ public encryption key. The project is still …

Redefining the role of security in software development
Software is becoming increasingly important for market success, driving an ever greater need for speed in the development process. The rapid adoption of DevOps is testimony to …

Nagios Core 4.2.4 closes serious root privilege escalation bug
If you’re using Nagios Core to monitor your systems, networks and infrastructure, and you have not updated to version 4.2.4, you better hop to it. This latest release …

Announced: Independent OpenVPN security audit
VPN service Private Internet Access (PIA) has just announced that they have contracted noted and well-reputed cryptographer Dr. Matthew Green to perform a security audit of …

San Francisco transport system ransomware attacker also extorted other US-based businesses
The ransomware attack that hit the San Francisco Municipal Transportation Agency last Friday is just one of many mounted by the same attacker. According to an unnamed security …