What's Your IT Question?

Want to know more about this topic or about us? Contact us!

All posts in Open Source

Malicious Software Infrastructure Easier to Get and Deploy Than Ever

Researchers at Recorded Future report a rise in cracked Cobalt Strike and other open-source adversarial tools with easy-to-use interfaces. Simple to use and deploy offensive security tools, making it easier than ever for criminals with little technical know-how to get in on cybercrime are seeing a significant rise, researchers say. . . . Read more

‘Amnesia:33’ TCP/IP Flaws Affect Millions of IoT Devices

A new set of vulnerabilities has been discovered affecting millions of routers and IoT and OT devices from more than 150 vendors, new research warns. Researchers – as well as the U.S. Cybersecurity Infrastructure Security Agency (CISA) – are warning of a set of serious vulnerabilities affecting TCP/IP stacks. The . . . Read more

Electronic Medical Records Cracked Open by OpenClinic Bugs

Four security vulnerabilities in an open-source medical records management platform allow remote code execution, patient data theft and more. Four vulnerabilities have been discovered in the OpenClinic application for sharing electronic medical records. The most concerning of them would allow a remote, unauthenticated attacker to read patients’ personal health information . . . Read more

German COVID-19 Contact-Tracing Vulnerability Allowed RCE

Bug hunters at GitHub Security Labs help shore up German contact tracing app security, crediting open source collaboration. A security vulnerability in the infrastructure underlying Germany’s official COVID-19 contact-tracing app, called the Corona-Warn-App (CWA), would have allowed pre-authenticated remote code execution (RCE). Researcher Alvaro Muñoz wrote in a report this . . . Read more

Microsoft Kills 18 Azure Accounts Tied to Nation-State Attacks

The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.

Facebook Debuts Third-Party Vulnerability Disclosure Policy

The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.