Search

Open source operating systems in general are less worrisome because their code is open to inspection by anyone with the skills to understand it. Does that mean Linux computing platforms from nongovernmental sources in politically tense countries are equally worry-free? At least one situation last ye...

Almost two years after the infamous Equifax breach, many organizations still struggle to identify and manage open source risk across their portfolios. Meanwhile, the latest report tracking open source security shows a 40 percent rise in the average number of open source components detected in each c...

Just like leaders in every other field you can imagine, academics have been hard at work studying information security. Most fields aren't as replete with hackers as information security, though, and their contributions are felt much more strongly in the private sector than in academia. The differin...

WhiteSource has launched its next-generation software composition analysis technology, dubbed "Effective Usage Analysis," with the promise that it can reduce open source vulnerability alerts by 70 percent. The newly developed technology provides details beyond which components are present in the app...

Black Duck by Synopsys has released the 2018 Open Source Security and Risk Analysis report, which details new concerns about software vulnerabilities amid a surge in the use of open source components in both proprietary and open source software. The report provides an in-depth look at the state of o...

Mozilla has launched the first full edition of its Internet Health Report. The report is "an open source effort to explore the state of human life on the Internet," said Mozilla Executive Director Mark Surman. It consists of research and analysis compiled by researchers, engineers, data scientists, ...

A new Apache Struts campaign that researchers named "Zealot" has come to light in recent weeks. Zealot loads Windows or Linux-based machines by installing a miner for Monero, which has become one of the hottest cryptocurrencies used in recent malware attacks. Zealot uses NSA-linked EternalBlue and E...

ExpressVPN on Tuesday launched a suite of open source tools that let users test for vulnerabilities that can compromise privacy and security in virtual private networks. Released under an open source MIT License, they are the first-ever public tools to allow automated testing for leaks on VPNs, the ...

The Pirate Bay has come under fire for testing a Monero javascript miner as a possible means for generating new revenue to replace its current model of making money through advertising on the site. It reportedly hijacked the processing power of its own users to help generate revenue. Monero is an o...

Millions of IoT devices are vulnerable to cybersecurity attacks due to a vulnerability initially discovered in remote security cameras, Senrio reported this week. The firm found the flaw in a security camera developed by Axis Communications, one of the world's biggest manufacturers of the devices. T...

Malware targeting Linux systems is growing, largely due to a proliferation of devices created to connect to the Internet of Things. That is one of the findings in a report WatchGuard Technologies released last week. The report, which analyzes data gathered from more than 26,000 appliances worldwide,...

The Online Trust Alliance on Tuesday released its 2017 Online Trust Audit & Honor Roll. Among its findings: Consumer services sites have the best combined security and privacy practices. FDIC 100 banks and U.S. government sites are the least trustworthy. The number of websites that qualified for...

Cybersecurity startup Capsule8 this week announced that it has raised $2.5 million to launch the industry's first container-aware, real-time threat protection platform designed to protect legacy and next-generation Linux infrastructures from existing and potential attacks. CEO John Viega, CTO Dino D...

SnapRoute, a developer of open source networking software, announced that it has raised $25 million in Series A financing led by Norwest Venture Partners with new support from AT&T and Microsoft Ventures. SnapRoute, which was founded by CEO Jason Forrester and other former engineers from Apple, ...

SnapRoute, a developer of open source networking software, announced that it has raised $25 million in Series A financing led by Norwest Venture Partners with new support from AT&T and Microsoft Ventures. SnapRoute, which was founded by CEO Jason Forrester and other former engineers from Apple, ...

Linux-operated botnet Distributed Denial of Service attacks surged in this year's second quarter, due to growing interest in targeting Chinese servers, according to a Kaspersky Lab report released this week. South Korea kept its top ranking for having the most command-and-control servers. Brazil, It...

Splice Machine this week announced it has open sourced its Spark-powered relational SQL database system. The company has set up a cloud-based sandbox for developers to put its new open source Splice Machine 2.0 Community Edition to the test. The company also announced the release of a cluster versio...

Bulgaria's Parliament recently passed legislation mandating open source software to bolster security, as well as to increase competition with commercially coded software. Amendments to the Electronic Governance Act require that all software written for the government be Free and Open Source Software...

Hortonworks this week announced a series of enterprise security efforts to bolster performance and data safety with its Hortonworks Data Platform. The company announced Tuesday that Pivotal Software will standardize on Hortonworks' Hadoop distribution. Hortonworks also will resell extract, transform...

A report released Tuesday on the DROWN vulnerability raises concerns about possible attacks that could expose encrypted communications. DROWN is a serious vulnerability that affects HTTPS and other services using SSL version 2, according to the team of security researchers who compiled the report. T...