XMGoat is an open-source tool that enables penetration testers, red teamers, security consultants, and cloud experts to learn how to work with misconfigurations within the Azure environment.
Misconfigurations within Azure environments are common. It’s …
Researchers at Spectral recently discovered a security flaw in Kafdrop, a popular open-source UI and management interface for Apache Kafka clusters that has been downloaded more than 20 million times. The Kafdrop flaw has allowed the data from Kafka clusters – everything from financial transactions to mission-critical data – to be exposed internet-wide. It can […]
The post Kafdrop Security Flaw Exposes Kafka Clusters Data appeared first on Linux Today.
The Linux Foundation has announced a $10 million commitment to the OpenSSF (Open Source Security Foundation), an effort to improve the security of open source software. Funds will be raised through royalties from parent companies of OpenSSF, including Amazon, Cisco, Dell Technologies, Ericsson, Facebook, Fidelity, GitHub, Google, IBM, Intel, JPMorgan Chase, Microsoft, Morgan Stanley, Oracle, […]
The post The Open Source Security Foundation Receives $10 Million in Funding appeared first on Linux Today.
Google recently introduced the Secure Open Source (SOS) initiative, which will provide bonuses for work related to hardening critical open source security. A million dollars have been allocated for the first payments, but if the initiative is recognized as successful, the investment in the project will continue. Learn more about Google’s open source security project […]
The post Google Allocates $1 Million to Work to Improve Open Source Security appeared first on Linux Today.
Software vulnerabilities are a grave threat to the security of computer systems. They often go undetected for years until it is too late and the consequences are irreversible. In order to find these weaknesses, software security testers and developers often have to manually test the entire codebase and determine if any vulnerabilities exist. However, this can take […]
The post Neural Fuzzing: A Faster Way to Test Software Security appeared first on Linux Today.
Over the years, I have come across many blogs that claim Linux is impenetrable by security attackers. While it is true that GNU/Linux operating systems for desktops and servers come with a lot of security checks in place to mitigate attacks, protection is not “enabled by default”. Check out these six must-have open source tools […]
The post 6 Must-Have Open Source Tools to Secure Your Linux Server appeared first on Linux Today.
Open source security has been a big focus of this week’s Black Hat conference, but no open source security initiative is bolder than the one proffered by the Open Source Security Foundation (OpenSSF). Amid discussions on the security of open source technologies like eBPF and Hadoop, OpenSSF speakers Jennifer Fernick, SVP and head of global […]
The post Open Source Security: A Big Problem appeared first on Linux Today.