Security Projects - Page 33 - Results from #640

Discover Security Projects News

Andiparos

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Andiparos is a fork of the famous Paros Proxy. It is an open source web application security assessment tool that gives penetration testers the ability to spider websites, analyze content, intercept and modify requests, etc.

LinuxSecurity.com Team
Jul 14, 2010

Stealing login details with a Google Chrome extension

The Google Chrome browser allows the installation of third-party extensions that are used to extend the browser to add new features. The extensions are written in JavaScript and HTML and allow manipulation of the DOM, amongst other features.

LinuxSecurity.com Team
Jul 12, 2010

RSA's best practices for preventing enterprise data loss

According to U.S. government estimates, incidents of enterprise data loss cost businesses more than $100 billion in a single year. As threats to enterprise data grow more sophisticated, it's imperative for businesses to implement a comprehensive data security strategy. But where to start?

LinuxSecurity.com Team
Jul 02, 2010

State of the CSO 2010: Progress and peril

Security is very old in most respects, yet very young in others. As a corporate discipline, security unfortunately languished for years in the basement. Today, as organizations come to grips with a wide swath of risks, the 2010 State of the CSO survey shows those organizations are rapidly adopting more sophisticated view of security. Of course, there's more work to be done--most prominently in the areas of security metrics and awareness programs.

LinuxSecurity.com Team
Jun 29, 2010

Help your competitor - Advise them of vulnerability

Tom Bicer wrote in to tell us about some interesting development amongst the SSL certificate providers. Comodo made a press release announcing that they found some vulnerabilities related to Verisign's certificate and had advised Verisign on the vulnerabilities.

LinuxSecurity.com Team
Jun 25, 2010

Another domain adopts added DNS security

The Public Interest Registry, which operates the .org generic top-level domain, announced today that it has completed deployment of Domain Name System Security Extensions, which provide an additional level of security to the DNS. The full deployment tops off a two-year deployment and testing period of DNSSEC in 18 live

LinuxSecurity.com Team
Jun 24, 2010

OpenSCAP

The OpenSCAP Project was created to provide an open-source framework to the community which enables integration with the Security Content Automation Protocol (SCAP) suite of standards and capabilities. It is the goal of OpenSCAP to provide a simple, easy to use set of interfaces to serve as the framework for community use of SCAP

LinuxSecurity.com Team
Jun 23, 2010

Firefox add-on encrypts Facebook and Twitter

Firefox users worried about Internet eavesdropping are being offered a new way to encrypt their interaction with a range of popular websites, including Facebook and Twitter.

LinuxSecurity.com Team
Jun 21, 2010

When It Comes to Security, Openness Isn't Always a Virtue - Rebuttals

Even as he referred to the "cost of transparency" uncovered by his research, Sam Ransbotham, a professor at Carroll School of Management, acknowledged that "the transparency benefits far outweigh this cost. ... The challenge for open source communities is to maintain the benefits while mitigating the downsides."

LinuxSecurity.com Team
Jun 17, 2010

Security in Migrating to Linux on IBM System z

Organizations that are in the process or considering migrating to Linux on System z look to a variety of sources for

LinuxSecurity.com Team
Jun 17, 2010

Why Can't Johnny Develop Secure Software?

Security experts agree that there's something wrong with the software development process, but there are differing opinions on how to solve the problem. It's another day in the life of a security pro -- or a hacker. Much of your time is spent searching applications for that one weak point, the one that will lead to the breach of sensitive data. And nearly every day, somebody finds one. Or more.

LinuxSecurity.com Team
Jun 17, 2010

Hacker: Apple iPad Simply Not a Safe Platform

Apple's reputation for security continues to take hits as hacker group Goatse Security this week accused the company of failing to patch a flaw in Safari -- known since March -- and rendering iPads susceptible to active exploits in the hundreds, if not thousands.

LinuxSecurity.com Team
Jun 16, 2010

Kaminsky Issues Developer Tool To Kill Injection Bugs

Renowned security researcher Dan Kaminsky today went public with the launch of a new venture as well as its first deliverable -- a tool for application developers that helps prevent pervasive string injection-type attacks, such as SQL injection and cross-site scripting (XSS).

LinuxSecurity.com Team
Jun 15, 2010

Another way to get protection for application-level attacks

I am a fan of modsecurity (//) as a fast and cheap way to get decent protection for application layer attacks. But, as you know, risks are increasing and when the risk analysis performed to your organization shows that application disruptions have a big impact to the core business, it's time to strengthen controls and think about delivering protection from the code itself.

LinuxSecurity.com Team
Jun 14, 2010

Drupal clarifies security rules after White-House gaper

Webmasters running unfinished modules for Drupal do so at their own risk after the open-source CMS updated its guidelines on fixing security vulnerabilities.

LinuxSecurity.com Team
Jun 11, 2010

Researchers release point-and-click website exploitation tool

Researchers have released software that exposes private information and executes arbitrary code on sensitive websites by exploiting weaknesses in a widely used web development technology.

LinuxSecurity.com Team
Jun 09, 2010

Google pays $2,000 for report of a vulnerability in Chrome

Google has paid out its highest sum yet, $2,000, for the discovery of a vulnerability found in its Chrome browser. The recipient is developer Sergey Glazunov, who found a DOM method-related means of circumventing the same origin policy.

LinuxSecurity.com Team
Jun 09, 2010

Is Open Source Safe?

The IT Department where Daniel Toth works won't let him use open source software because they believe it's a security risk. Is it? No. If anything, open-source software has the potential to be safer. Not that it always is, of course.

LinuxSecurity.com Team
Jun 08, 2010

Open-Source Could Mean an Open Door for Hackers

The ability to access the code of open-source applications may give attackers an edge in developing exploits for the software, according to a paper analyzing two years' worth of attack data. The paper, to be presented this week at the Workshop on the Economics of Information Security, correlated 400 million alerts from intrusion detection systems with known attributes of the targeted software and vulnerabilities.

LinuxSecurity.com Team
Jun 07, 2010

WhatWeb

Identify content management systems (CMS), blogging platforms, stats/analytics packages, javascript libraries, servers and more. When you visit a website in your browser the transaction includes many unseen hints about how the webserver is set up and what software is delivering the webpage. Some of these hints are obvious, eg.

LinuxSecurity.com Team
Jun 01, 2010

Security Projects - Page 33

The End of the Road for Linux 6.11: A Call to Upgrade to Kernel 6.12

Exploring Arch Linux 2024.12.01: Security Implications & Notable Enhancements for Linux Admins

Deck the Halls with Enhanced Security: Linux Kernel 6.13's Top Features & Improvements