Feb 22, 2024NewsroomNetwork Security / Penetration Testing A recently open-sourced network mapping tool called SSH-Snake has been repurposed by threat actors to conduct malicious activities. "SSH-Snake is a self-modifying worm that leverages SSH credentials discovered on a compromised system to start spreading itself throughout the network," Sysdig researcher Miguel Hernández … [Read more...] about Cybercriminals Weaponizing Open-Source SSH-Snake Tool for Network Attacks
OpenSource
Google Created ‘Open-Source Maintenance Crew’ to Help Secure Critical Projects
Google on Thursday announced the creation of a new "Open Source Maintenance Crew" to focus on bolstering the security of critical open source projects. Additionally, the tech giant pointed out Open Source Insights as a tool for analyzing packages and their dependency graphs, using it to determine "whether a vulnerability in a dependency might affect your code." "With this … [Read more...] about Google Created ‘Open-Source Maintenance Crew’ to Help Secure Critical Projects
Several Bugs Found in 3 Open-Source Software Used by Several Businesses
Cybersecurity researchers on Tuesday disclosed nine security vulnerabilities affecting three open-source projects — EspoCRM, Pimcore, and Akaunting — that are widely used by several small to medium businesses and, if successfully exploited, could provide a pathway to more sophisticated attacks. All the security flaws in question, which impact EspoCRM v6.1.6, Pimcore Customer … [Read more...] about Several Bugs Found in 3 Open-Source Software Used by Several Businesses