Security Projects - Page 49

We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.

AlmaLinux 9.4 Reinforces Robust Linux Security

The recent release of AlmaLinux 9.4, closely aligned with Red Hat Enterprise Linux (RHEL) 9.4, presents Linux admins and infosec professionals with an enhanced open-source enterprise Linux solution. AlmaLinux 9.4 is built directly from RHEL's open-so...
May 07, 2024
  0

Linux Mint 22 Will Bring XApp Independence, Improved Security, and Compatibility

The upcoming release of Linux Mint 22 will introduce si...
May 06, 2024
  0
11.Locks IsometricPattern Esm H115

run0, A Safer Alternative to sudo, Introduced in Systemd v256

German software engineer Lennart Poettering recent...
May 04, 2024
  0
2.Motherboard Esm H115

Discover Security Projects News

LS Hmepg 337x500 34 Esm H200

Security pros develop flaw database

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The Internetworked Security Information Service (ISIS) brings together four independent projects--the Open Source Vulnerability Database, the Alldas.de defacement-tracking service, the PacketStorm software database and the vulnerability watchdog VulnWatch--into a loosely organized collaboration. "There are a lot of commercial organizations that . . .

LS Hmepg 337x500 34 Esm H200

A New Code for Anonymous Web Use

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Peer-to-peer networks such as Morpheus and Audiogalaxy have enabled millions to trade music, movies and software freely. A group of veteran hackers is about to unveil a new peer-to-peer protocol that may eventually let millions more surf, chat and e-mail free. . .

LS Hmepg 337x500 34 Esm H200

cDc prepares user-friendly stego app

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

In an effort to help Netizens in the more paranoid corners of the world evade national censorship, the cDc's Hacktivismo group is developing a browser product called Camera/Shy capable of creating and displaying images with messages which would likely get a . . .

LS Hmepg 337x500 34 Esm H200

Two Open Source Security Code Scanners

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

David Wheeler, author of the Secure Programming HOWTO and the RATS development team from Secure Software Solutions today announced open source source code security flaw scanners. "RATS scans through code, finding potentially dangerous function calls. . . .

LS Hmepg 337x500 34 Esm H200

Announce: RSBAC v1.2.0 released

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

RSBAC is a flexible, powerful and fast open source access control framework for current Linux kernels, which has been in stable production use since January 2000 (version 1.0.9a). All development is independent of governments and big companies, and no existing access . . .

LS Hmepg 337x500 34 Esm H200

Study: Open source poses security risks

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

A conservative U.S. think tank suggests in an upcoming report that open-source software is inherently less secure than proprietary software, and warns governments against relying on it for national security. The white paper, Opening the Open Source Debate, from the Alexis . . .

LS Hmepg 337x500 34 Esm H200

A Vulnerability Scan Plan

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

In this special section, eWeek Labs examines the state of the art in security vulnerability detection from several angles. It's cheapest--and most effective--to fix problems while they are in development, and I evaluate two tools designed to detect application security problems . . .

LS Hmepg 337x500 34 Esm H200

A Buffer Overflow Study: Attacks & Defenses

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

A technical overview of heap and buffer overflows, Linux tools that can be used to reduce their risk, the kinds of exploits these tools can prevent, and more. "This study deals with the various kinds of overflows (heap, stack) to understand how they work and how they may be used to execute malicious code. . .

LS Hmepg 337x500 34 Esm H200

Irish firms launch cyber-attack bait

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Inflow, Espion and Deloitte & Touche are running a new "Honeynet" in Ireland to attract would-be cyber attackers and study their habits. The new Honeynet is already up and running at an unspecified Internet address. On-line for just 48 hours . . .

LS Hmepg 337x500 34 Esm H200

Building trust into open source

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

In the past three months, the open-source community has been given a wake-up call. While Microsoft has concentrated on reviewing its flagship Windows source code as part of a new focus on security, Internet watchdogs have released the details of . . .

LS Hmepg 337x500 34 Esm H200

Lcrzoex, Network Testing Toolbox

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Laurent Constantin let us know that the Lcrzoex Project now contains more than 300 GPLd network testing tools. "We are proud to announce that lcrzoex now contains over 300 network testing tools. Tool which passed this mark allows to spoof an IP/UDP packet.". . .

LS Hmepg 337x500 34 Esm H200

Firms undergo NSA infosec rating

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The National Security Agency last week announced the first companies to undergo an appraisal of their information security practices in a program aimed at helping government and commercial organizations improve their systems security. According to the Infosec Assessment Training and Rating . . .

LS Hmepg 337x500 34 Esm H200

PHP-Nuke & Post-Nuke Account Hijacking

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

To exploit this vulnerability one must create an account into the target site, base64_decode his cookie,modify the username in the cookie to inject SQL,base64_encode his cookie and pass it with save=1 to article.php (which must be done throught modules.php). . .

LS Hmepg 337x500 34 Esm H200

PHP Audit Project

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Because PHP is a critical piece of the hosting service puzzle, the PHP audit project was started in order to harden the PHP interpreter against known and unknown vunlerabilities. We are also trying to add some enhancements for the OpenBSD operating . . .

LS Hmepg 337x500 34 Esm H200

The Myth of Open Source Security Revisited

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The author revisits a debate begun here recently on the nature of security in Open Source projects: do 'lots of eyeballs' insure secure code? It is a common misconception amongst users of Open Source software that it is a panacea when it comes to creating secure software.. . .

Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved