Month: February 2024

  • The Linux CNA – Red Flags Since 2022

    The Linux CNA – Red Flags Since 2022

    [2/28/2024 Update: A bit more info added at end regarding “almost any bug might exploitable“.] MITRE announced that The Linux Kernel Organization (Kernel.org, hereafter referred to as ‘Linux’) was officially a CVE Numbering Authority (CNA) on February 13, 2024 and via the CVE web site, that their advisories would be posted here. That means they…

  • No one will burn a zero day on you…?

    No one will burn a zero day on you…?

    For at least two decades, a common mantra in the Information Security industry is that “no one will burn a zero day on you!” This is typically said to a person, often someone that comes across as overly paranoid, or perhaps a small hobby website. This term refers to zero day vulnerabilities, ones that are…