Security Projects - Page 34

We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.

Discover Security Projects News

A Digital Forensics Student's Linux Workspace

Our next entry for the "The $100.00 (USD) Coolest Linux Workspace Contest" was sent all the way from the Netherlands by a digital forensics student named Huseyin. He is also working as an intern at an IT-audit company and described Linux as the best OS to do research on. If chosen as the grand winner, he says he will use the $100 to buy another 1TB hard disk drive, since the 3TB of HDDs that he already has are not enough -- probably because of lots of legal evidence to store :-)

OAuth Is the New Hotness in Identity Management

With Facebook Connect being abandoned in its favor, and a new draft specification before the IETF, OAuth is shaping up as the cornerstone of identity management for cloud-based applications and services. eWEEK Labs Senior Analyst P. J. Connolly looks at what's behind the seamless access to services on social media sites such as Facebook, LinkedIn and Twitter.

Apple Software Security Inferior to Microsoft

A security expert who built his career on identifying vulnerabilities in Microsoft software now says that the company has come a long way. Marc Maiffret, a former hacker turned legitimate security researcher, and now chief security architect at FireEye, told InSecurity Complex that Apple

Marc Maiffret--the quick rise of a teen hacker (Q&A)

For Marc Maiffret, the turning point in his life came when--at the age of 17--he woke up to an FBI agent pointing a gun at his head. A runaway and high school dropout, he had just returned home and landed his first professional job using his computer skills for the good of companies instead of for mischief. But his past was still catching up to his present.

Researcher Details New Class Of Cross-Site Scripting Attack

A new type of cross-site scripting (XSS) attack that exploits commonly used network administration tools could be putting users' data at risk, a researcher says. Tyler Reguly, lead security research engineer at nCircle, today published a white paper outlining a new category of attack called "meta-information XSS" (miXSS), which works differently than other forms of the popular attack method -- and could be difficult to detect.

Honeynet: Google Summer of Code 2010 Updated Ideas Page and Student Applications Open

On March 29th Google officially began accepting applications from students for Google Summer of Code 2010, which the Honeynet Project is very excited to be participating in again this year as a mentoring organisation. We've recently updated our project ideas page and mentor information, and students have until 19:00 UTC on Friday April 9th to apply (you can either choose one of our ideas or propose your own).

Moodle 1.9.8 Tackles Security Vulnerabilities

Moodle has released an update to its open source learning management system for Mac OS X, Windows, and Linux. Moodle 1.9.8 includes a number of small improvements and bug fixes but also addresses nine security vulnerabilities, including two that Moodle developers have labeled as "critical" and five as "major." Moodle has also released a parallel update to the 1.8 branch, version 1.8.12, which includes comparable changes.

Ways to Justify Security Programs: 13 Cs

My last post, "Forget ROI and Risk. Consider Competitive Advantage", seems to be attracting some good comments. I thought it might be useful to mention a variety of ways to justify a security program. I don't intend for readers to use all of these, or to even agree. However, you may find a handful that might have traction in your environment.

Code Writers Finally Get Security? Maybe

A new study finds software writers increasingly intent on baking security into their code writing, and Microsoft gets high marks for helping the process along. Security practitioners often rant about sloppy software writing as the main reason attacks flourish. But newly released survey results suggest code writers are slowly starting to get it.

The Mac Hacker Strikes Again

Charlie Miller has a habit of publicly upending Apple's security claims. Real cyberspies may be doing the same thing in private. Charlie A. Miller loves his Macbook Pro laptop. And his four other Apple PCs, the iPhone he uses daily and two older iPhones he keeps for tinkering. But his relationship with the company that created those gadgets is somewhat more complicated.