HITBSecConf2017 Amsterdam (April 10th - 14th)
Register Online Now!
Many of you probably think that the National Security Agency (NSA) and open-source software get along like a house on fire. That's to say, flaming destruction. You would be wrong.
In partnership with the Apache Software Foundation, the NSA announced on Tuesday it is releasing the source code for Niagarafiles (Nifi). The spy agency said Nifi "automates data flows among multiple computer networks, even when data formats and protocols differ."
Apache is the most widely used web server on the planet, and it's also one of the most widely attacked. To that end, it's always smart to lock down your Apache server as best as possible. This goes well beyond just locking down your network -- you need to give that Apache server as much attention as it might get from outside sources.
I'll walk you through the process of preventing your Apache server from Distributed Denial of Service (DDoS), Slowloris, and DNS Injection attacks. These breakins are quite simple to prevent, as long as you take the time to lock down that server.
Researchers have identified new self-replicating malware that infects computers running the Apache Tomcat Web server with a backdoor that can be used to attack other machines.
Google has extended its Patch Reward Program to include a raft of new platforms and technologies including its own Android system as it looks to improve the securiry of open source software.
The firm announced an overhaul to its security patch policies last month, offering white hats up to $3,133 for fixes.
Chinese hackers are using an automated tool to exploit known vulnerabilities in Apache Struts, in order to install backdoors on servers hosting applications developed with the framework.
Apache Struts is a popular open-source framework for developing Java-based Web applications that's maintained by the Apache Software Foundation.