Microsoft It’s no joke. Microsoft and IBM have joined forces to open-source the 1988 operating system MS-DOS 4.0 under the MIT License. Why? Well, why not? As Scott Hanselman, Microsoft’s VP of the developer community, and Jeff Wilcox, head of Microsoft’s Open Source Programs Office, recount in Microsoft’s Open Source Blog, “a young English researcher […]
Cloud Console Cartographer is an open-source tool that maps noisy log activity into highly consolidated, succinct events to help security practitioners cut through the noise and understand console behavior in their environment. “Infrastructure as code has replaced a lot of the need for console access for many organizations, but there are still plenty of instances […]
Recently, the Debian security team fixed several issues in GTKWave, an open-source waveform viewer for VCD (Value Change Dump) files. These vulnerabilities, if exploited, could result in the execution of arbitrary code, posing a significant risk to users. The security updates address a total of 82 identified vulnerabilities. This article details some of the patched […]
The malicious code inserted into the open-source library XZ Utils, a widely used package present in major Linux distributions, is also capable of facilitating remote code execution, a new analysis has revealed. The audacious supply chain compromise, tracked as CVE-2024-3094 (CVSS score: 10.0), came to light last week when Microsoft engineer and PostgreSQL developer Andres […]
CloudGrappler is an open-source tool designed to assist security teams in identifying threat actors within their AWS and Azure environments. The tool, built on the foundation of Cado Security’s cloudgrep project, offers enhanced detection capabilities based on the tactics, techniques, and procedures (TTPs) of modern cloud threat actors like LUCR-3 (Scattered Spider). CloudGrappler queries for […]
Tazama is an open-source platform focused on improving fraud management within digital payment systems. Tazama marks a substantial transformation in the approach to financial monitoring and compliance worldwide. Previously, the financial sector struggled with proprietary solutions that were both expensive and restrictive, impeding access and flexibility, particularly in developing economies. Tazama challenges this status quo […]
Tazama is an open-source platform focused on improving fraud management within digital payment systems. Tazama marks a substantial transformation in the approach to financial monitoring and compliance worldwide. Previously, the financial sector struggled with proprietary solutions that were both expensive and restrictive, impeding access and flexibility, particularly in developing economies. Tazama challenges this status quo […]
RiskInDroid (Risk Index for Android) is an open-source tool for quantitative risk analysis of Android applications based on machine learning techniques. How RiskInDroid works “A user should be able to quickly assess an application’s level of risk by simply glancing at RiskInDroid’s output, and they should be able to compare the app’s risk with others […]
Threat actors used the open-source hypervisor QEMU as a network tunneling tool to create a covert communication channel, demonstrating the diverse methods attackers use to remain stealthy.