open source
Replicating NSA’s gadgets using open source
One peek at the leaked pages of NSA’s ANT catalog made wireless security researcher Michael Ossmann’s mind start spinning. “Could we – could I – …
Critical bug in GnuTLS crypto library could allow malicious code execution
Another critical bug in an open source SSL/TLS (and DTLS) cryptographic library has been discovered and patched last week. The affected library is GnuTLS, and is used in a …
Open Crypt Audit Project considers taking over development of TrueCrypt
The unexpected notice saying TrueCrypt isn’t safe, which has apparently been posted last week by the developers of the software, took the security community by surprise …
Some industrial systems still vulnerable to Heartbleed
The danger from Heartbleed has passed for most Internet users, but operators of Industrial Control Systems (ICS) are not that lucky. The US ICS CERT has issued on Tuesday an …
The Heartbleed effect
In this podcast, recorded at Infosecurity Europe 2014, Ivan Ristic, Director of Engineering at Qualys, talks about the Heartbleed bug and its impact on the security industry. …
Red Hat to acquire open source storage systems’ firm Inktank
Red Hat announced that it has signed a definitive agreement to acquire Inktank, a provider of scale-out, open source storage systems. Inktank’s flagship technology, …
Tech giants back initiative for funding crucial open source projects
The nonprofit Linux Foundation has announced the Core Infrastructure Initiative, a multi-million dollar project aimed to fund open source projects critical for the global …
OpenBSD team forks OpenSSL to create safer SSL/TLS library
For all the talk about how something should be done to fix OpenSSL so that a Heartbleed situation is never again repeated, there has been little to no concrete action so far. …
Tor relays vulnerable to Heartbleed dropped from anonymity network
Thanks to the OpenSSL Heartbleed bug, the Tor anonymity network is set to temporarily lose around “12 per cent of the exit capacity and 12 per cent of the guard …
ModSecurity 2.8.0 released
ModSecurity makes full HTTP transaction logging possible, allowing complete requests and responses to be logged. It can also monitor the HTTP traffic in real time in order to …
Heartbleed threatens mobile users
As time passes, it becomes more and more obvious that almost no-one is safe from the danger created by the existence of the OpenSSL Heartbleed bug. In the days after the …
Heartbleed should jumpstart important security changes
With impacts on an estimated 60-70% of websites, Heartbleed is easily the security vulnerability with the highest degree of potential impact ever. There’s lots of good …
Featured news
Resources
Don't miss
- European police busts Ukraine scam call centers
- SoundCloud breached, hit by DoS attacks
- The messy data trails of telehealth are becoming a security nightmare
- What Cloudflare’s 2025 internet review says about attacks, outages, and traffic shifts
- Update your Apple devices to fix actively exploited vulnerabilities! (CVE-2025-14174, CVE-2025-43529)