Month: June 2022

  • When CVE Typos Become Advisories

    When CVE Typos Become Advisories

    For those who follow me on Twitter, you may notice a considerable number of my Tweets are related to pointing out or confirming CVE IDs that are typos. Recently I ran into an interesting edge case where a typo CVE ID gained life of its own. Typically such typos gain life through aggregation blogs that…

  • Rebuttal: Skeletons in the Closet

    Rebuttal: Skeletons in the Closet

    On April 22, 2022, Nate Warfield of Prevailion published an article on Threatpost on the topic of zero days. I’m a little late to this article, but because this horse still has some life in it apparently, I feel obligated to once again point out how the term ‘zero day’ has basically lost all meaning.…