HackDig : Dig high-quality web security articles for hacker

OpenOffice coders debate retiring the project

Concerns at the Apache Software Foundation that the Apache OpenOffice project it hosts might be failing have prompted a debate about retiring the project, and triggered the resignation of at least one member of the project's management committee. The office productivity suite was once a key element of efforts to build an open source alternative to Micros
Publish At:2016-09-05 20:45 | Read:3907 | Comments:0 | Tags:Open Source Security Productivity Application Development

IDG Contributor Network: How hackers are making products safer

Jono Bacon, the former community manager of Ubuntu, recently left GitHub (his second job since leaving Canonical) to start his own consulting firm. He is currently working with HackerOne, which just announced its Hack the World competition. I spoke with Bacon about HackerOne, his role with the organization and the competition. Following is an edi
Publish At:2016-07-22 21:50 | Read:2842 | Comments:0 | Tags:Security Application Development Open Source

New Mozilla fund will pay for security audits of open-source code

A new Mozilla fund, called Secure Open Source, aims to provide security audits of open-source code, following the discovery of critical security bugs like Heartbleed and Shellshock in key pieces of the software.Mozilla has set up a US$500,000 initial fund that will be used for paying professional security firms to audit project code. The foundation will
Publish At:2016-06-10 06:30 | Read:2800 | Comments:0 | Tags:Security Open Source Software

IDG Contributor Network: Why I won’t use Dropbox’s Project Infinite if it’s not open source

Dropbox recently unveiled Project Infinite that will go beyond the user-space level and go as deep as the kernel level to give users access to their content -- even on devices with small hard disks.What Dropbox is planning to do is work as a file system so everything that’s stored on your Dropbox will be accessible on your device without taking up any sp
Publish At:2016-05-27 13:05 | Read:3246 | Comments:0 | Tags:Security Cloud Storage Open Source

IDG Contributor Network: Linux can't keep you safe if you don't update it

At CoreOS Fest in Berlin, Greg Kroah-Hartman, Linux kernel developer and maintainer of the stable branch, talked about an inconvenient truth about Linux and security: vendors are notoriously bad about implementing patches.For the last 15 years the kernel community has been following a rule to fix things as soon as possible. The Linux community fixes the
Publish At:2016-05-13 20:35 | Read:3380 | Comments:0 | Tags:Linux Open Source Security Android

Dangerous 7-Zip flaws put many other software products at risk

Two vulnerabilities recently patched in 7-Zip could put at risk of compromise many software products and devices that bundle the open-source file archiving library.The flaws, an out-of-bounds read vulnerability and a heap overflow, were discovered by researchers from Cisco's Talos security team. They were fixed in 7-Zip 16.00, released Tuesday.The 7-Zip
Publish At:2016-05-13 02:20 | Read:2929 | Comments:0 | Tags:Security Application Development Open Source Software

Apache incubating project promises new Internet security framework

VANCOUVER, BC -- A new incubating project at the Apache Software Foundation (ASF) promises a more secure Internet that doesn't require monolithic trust hierarchies and centralized certificate authorities. And it could eliminate the need for complex passwords, too.At ApacheCon North America in Vancouver yesterday, telecommunications juggernaut NTT Group,
Publish At:2016-05-13 02:20 | Read:10407 | Comments:0 | Tags:Security Open Source Internet of Things Cloud Security

IDG Contributor Network: CII’s Best Practices badge program is making open source projects more secure

The Core Infrastructure Initiative (CII), a Linux Foundation collaborative project, has announced the first round of CII Best Practices  badges. The recipients include Curl, GitLab, the Linux kernel, OpenBlox, OpenSSL, Node.js and Zephyr.CII is a result of collaboration between many industry players including Microsoft, Bloomberg, Facebook, and Qualcomm,
Publish At:2016-05-03 23:20 | Read:3030 | Comments:0 | Tags:Linux Open Source Security

Popular desktop Linux distro Ubuntu has potentially serious privacy flaw

A feature in the just-released 16.04 version of Ubuntu could pose a serious threat to the privacy of desktop Linux users, according to a well-known open-source software expert.Version 16.04, the latest long-term-support release of Ubuntu, features a new package format used for installing software on an Ubuntu system, called snap. Snaps are designed to be
Publish At:2016-04-23 07:50 | Read:3175 | Comments:0 | Tags:Linux Open Source Security Privacy

Open source code is common, potentially dangerous, in enterprise apps

The Open Source Vulnerability Database shut down this week posed yet another security challenge for developers who routinely inject massive amounts of free off-the-shelf code into new software.As the name suggests, OSVD was a resource where non-commercial developers could look – free - for patches to known vulnerabilities.+More on Network World: 10 best
Publish At:2016-04-12 06:00 | Read:3599 | Comments:0 | Tags:Security Open Source Application Development

MapR delivers support for containers, security

MapR Technologies today announced the general availability of the MapR Converged Data Platform, which brings Hadoop together with Spark, Web-scale storage, NoSQL and streaming capabilities in a unified cluster, designed to support customers deploying real-time global data applications.The Converged Data Platform features security, data governance and per
Publish At:2016-03-08 10:15 | Read:2791 | Comments:0 | Tags:Open Source Security Big Data Analytics Hadoop Virtualizatio

Webroot Supports Open Network Insight Project

  On Monday of this week, Webroot joined Cloudera, the leading provider of modern data management and analytics systems built on Apache Hadoop, in announcing Open Network Insight (ONI) Project, a database and tools designed specifically for cyber security incident response. ONI will enable security analysts and responders to manipulate the massive amoun
Publish At:2016-03-05 05:55 | Read:4706 | Comments:0 | Tags:Thought Leadership Cloudera ONI Open Network insight open so

CoreOS CEO: Containers are just the beginning

Containers are revolutionizing enterprise IT in much the way smartphones have transformed the world of consumer technology, but there's still much more to come.That's according to Alex Polvi, CEO of Linux server vendor CoreOS, which has set its sights on improving Internet security.Too many companies today operate their data centers as if on egg shells,
Publish At:2016-02-26 03:00 | Read:3812 | Comments:0 | Tags:Virtualization Software Security Open Source Linux

Extremely severe bug leaves dizzying number of software and devices vulnerable

Researchers have discovered a potentially catastrophic flaw in one of the Internet's core building blocks that leaves hundreds or thousands of apps and hardware devices vulnerable to attacks that can take complete control over them.Further ReadingHow security flaws work: The buffer overflowStarting with the 1988 Morris Worm, this flaw has bitten everyone fro
Publish At:2016-02-17 04:50 | Read:3870 | Comments:0 | Tags:Risk Assessment Technology Lab buffer overflow code executio

IDG Contributor Network: Linux goes to Washington: How the White House/Linux Foundation collaboration will work

No doubt by now you've heard about the Obama Administration's newly announced Cybersecurity National Action Plan (CNAP). You can read more about it on CIO.com here and here.But what you may not know is that the White House is actively working with the Linux and open source community for CNAP. In a blog post Jim Zemlin, the executive director of the Linux
Publish At:2016-02-11 01:15 | Read:2848 | Comments:0 | Tags:Security Linux Open Source Cyber Attacks/Espionage Cyberterr

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud