Month: June 2022

When CVE Typos Become Advisories

For those who follow me on Twitter, you may notice a considerable number of my Tweets are related to pointing out or confirming CVE IDs that are typos. Recently I ran into an interesting edge case where a typo CVE ID gained life of its own. Typically such typos gain life through aggregation blogs that…

June 28, 2022
Rebuttal: Skeletons in the Closet

On April 22, 2022, Nate Warfield of Prevailion published an article on Threatpost on the topic of zero days. I’m a little late to this article, but because this horse still has some life in it apparently, I feel obligated to once again point out how the term ‘zero day’ has basically lost all meaning.…

June 16, 2022

When CVE Typos Become Advisories