Security Projects

We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.

Linux Kernel 6.9 Released with Critical Fixes & Upgrades

The recently released Linux Kernel 6.9 brings forth a blend of crucial upgrades and enhancements, catering to the ever-evolving needs of the Linux ecosystem. Linus Torvalds, the creator of Linux, underscores this by stating, "a more powerful arm64 ma...
May 13, 2024
  0

Nmap 7.95 Released with New OS and Service Detection Signatures

Nmap 7.95 introduces myriad enhancements, primaril...
May 13, 2024
  0
4.Lock AbstractDigital Esm H115

AlmaLinux 9.4 Reinforces Robust Linux Security

The recent release of AlmaLinux 9.4, closely aligned wi...
May 07, 2024
  0
1.Penguin Landscape Esm H115

Discover Security Projects News

LS Hmepg 337x500 34 Esm H200

Another domain adopts added DNS security

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The Public Interest Registry, which operates the .org generic top-level domain, announced today that it has completed deployment of Domain Name System Security Extensions, which provide an additional level of security to the DNS. The full deployment tops off a two-year deployment and testing period of DNSSEC in 18 live

LS Hmepg 337x500 34 Esm H200

OpenSCAP

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The OpenSCAP Project was created to provide an open-source framework to the community which enables integration with the Security Content Automation Protocol (SCAP) suite of standards and capabilities. It is the goal of OpenSCAP to provide a simple, easy to use set of interfaces to serve as the framework for community use of SCAP

LS Hmepg 337x500 34 Esm H200

Why Can't Johnny Develop Secure Software?

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Security experts agree that there's something wrong with the software development process, but there are differing opinions on how to solve the problem. It's another day in the life of a security pro -- or a hacker. Much of your time is spent searching applications for that one weak point, the one that will lead to the breach of sensitive data. And nearly every day, somebody finds one. Or more.

LS Hmepg 337x500 34 Esm H200

Another way to get protection for application-level attacks

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

I am a fan of modsecurity (//) as a fast and cheap way to get decent protection for application layer attacks. But, as you know, risks are increasing and when the risk analysis performed to your organization shows that application disruptions have a big impact to the core business, it's time to strengthen controls and think about delivering protection from the code itself.

LS Hmepg 337x500 34 Esm H200

Is Open Source Safe?

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The IT Department where Daniel Toth works won't let him use open source software because they believe it's a security risk. Is it? No. If anything, open-source software has the potential to be safer. Not that it always is, of course.

LS Hmepg 337x500 34 Esm H200

Open-Source Could Mean an Open Door for Hackers

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The ability to access the code of open-source applications may give attackers an edge in developing exploits for the software, according to a paper analyzing two years' worth of attack data. The paper, to be presented this week at the Workshop on the Economics of Information Security, correlated 400 million alerts from intrusion detection systems with known attributes of the targeted software and vulnerabilities.

LS Hmepg 337x500 34 Esm H200

WhatWeb

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Identify content management systems (CMS), blogging platforms, stats/analytics packages, javascript libraries, servers and more. When you visit a website in your browser the transaction includes many unseen hints about how the webserver is set up and what software is delivering the webpage. Some of these hints are obvious, eg.

LS Hmepg 337x500 34 Esm H200

Code Security: A survival guide

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Looking for ideas to improve how code security is done in your enterprise? Here are several. Code security is something companies have struggled with for some time. In the rush to make new websites and applications available to customers, vulnerabilities are inevitably left behind.

LS Hmepg 337x500 34 Esm H200

FOCA

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

FOCA 2 has a new algorithm which tries to discover as much info related to network infrastructure as possible. In this alpha version FOCA will add to the figured out network-map, all servers than can be found using a recursive algorithm searching in Google, BING, Reverse IP in BING, Well-known servers and DNS records, using an internal PTR-Scaning, etc

LS Hmepg 337x500 34 Esm H200

Using Linux to Disinfect Windows

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Are you responsible for one or more Windows computers? If yes then the odds are really good that you have had to deal with cleaning viruses and malware. Did you know F-Secure offers a free Rescue CD built on Knoppix for just this purpose? Let's take a look at how easy the F-Secure Rescue CD is to use.

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved