Month: January 2026

  • Shadow, Ghost, and Phantasmawhatever Vulnerabilities – The Reality

    Shadow, Ghost, and Phantasmawhatever Vulnerabilities – The Reality

    Back in September of 2024, I took some notes on a blog I wanted to write about “Shadow” vulnerabilities, based on a corporate blog with a poor concept and misunderstanding of CVE. The title was to be “Shadow Vulnerabilities – Rebuttal” and pretty straight-forward. Vulnerability life is crazy when you help manage a true vulnerability…

  • Random Movie/TV Thoughts and Reviews (January 2026)

    Random Movie/TV Thoughts and Reviews (January 2026)

    Reviews I finished Trigger (2025), a Korean cop/crime/action series that was pretty good. The most interesting aspect was the entire premise that is “what if guns flooded into South Korea?” So it basically becomes a gun epidemic that the police are fighting which is obviously a stark contrast to the United States. It’s simple, yet…

  • Vulnerability Disclosure Forensics: /cgi-bin/upload.cgi

    Vulnerability Disclosure Forensics: /cgi-bin/upload.cgi

    Yesterday, Chris Sullo of Nikto fame, asked me a simple question; in so many words, what was the “first web vuln”. To be clear, he is asking about the first vulnerability in a web server / service / program. Seems relatively straight-forward but I challenge anyone to answer it with their own data set, especially…