open source
Researchers audit the TextSecure encrypted messaging app
A group of German researchers have audited TextSecure, the popular open source encrypted messaging application for Android, and the news is good. After fixing a particular …
Open source Knock Knock tool reveals OS X malware
At this year’s Virus Bulletin conference held last month in Seattle, security researcher Patrick Wardle spoke about methods of malware persistence on Mac OS X. The video …
Facebook open sources osquery, an OS analysis tool
Facebook has open sourced osquery, a framework that exposes an operating system as a high-performance relational database and allows developers to write SQL-based queries to …
Assume your Drupal 7 site has been compromised
Administrators of sites that run Drupal 7, and have not yet updated to version 7.32 or have done so later than 7 hours after the public revelation of the highly critical SQL …
Open source NAC solution PacketFence 4.5.0 released
PacketFence is a free and open source Network Access Control (NAC) solution. It can be used to effectively secure small to very large heterogeneous networks. Among the …
The Software Assurance Marketplace: A response to a challenging problem
With the steady proliferation of wearable devices and the emergence of the Internet of Things, everyone and everything will eventually be connected by some piece of software. …
Lessons learned developing Lynis, an open source security auditing tool
If you’ve been involved with information security for more than a decade, you’ve probably heard of Rootkit Hunter or rkhunter, a software whose primary goal is to …
How Shellshock can be exploited over DHCP
Attacks exploiting the Shellshock vulnerability (actually, vulnerabilities) are popping up daily, but while Shellshock attacks on web apps have been the most documented and …
Yahoo says its servers weren’t Shellshocked
After researcher Jonathan Hall’s claims that a group of hackers has been exploiting the Bash Shellshock vulnerability to compromise a number of servers belonging to …
Apple patches Shellshock bug in OS X
Apple has finally released a security update for OS X that will close up the critical remote code execution Shellshock bug found in the GNU Bash UNIX shell. The update …
Bash Shellshock bug: More attacks, more patches
As vendors scramble to issue patches for the GNU Bash Shellshock bug and companies rush to implement them, attackers around the world are probing systems for the hole it …
CipherShed: A replacement for TrueCrypt
Ever since TrueCrypt developers terminated the development of the popular encryption utility and announced that it was not safe to use, users who need such a tool have been …