Tag: Badlock

  • Badlock: The Day of Reckoning [Update #4]

    Badlock: The Day of Reckoning [Update #4]

    [This was originally published on the RBS Blog.]. Word circulated earlier today that Badlock would be revealed at 1PM EST, which is curious given that Microsoft’s “Patch Tuesday” releases are not always public by that time. Almost ten minutes before 1PM, word of the patches being public were making the rounds. The three patches and associated…

  • Badlock: All Quiet on the Disclosure Front [Update #3]

    Badlock: All Quiet on the Disclosure Front [Update #3]

    [This was originally posted on the RBS blog.] With a week to go before the hyped Badlock vulnerability gets disclosed (with patches finalyl!), it has been mostly quiet as far as any further detail or insight. In the fourteen days since it was first announced, MITRE has still not seen fit to issue a CVE identifier for…

  • Badlock: The Day After [Update #2]

    Badlock: The Day After [Update #2]

    Late last night, Steve Ragan published an article on the CSO Salted Hash blog titled “Company behind the Badlock disclosure says pre-patch hype is good for business“, immediately taking SerNet to task over their handling of the disclosure so far. One of the more telling parts of his article came during a conversation between Sean…

  • Bad Luck Over The Upcoming Badlock Vulnerability?

    Bad Luck Over The Upcoming Badlock Vulnerability?

    It has only been twenty-one days after the last named vulnerability (DROWN), and now we have the next one! Early on March 22nd, the security industry started hearing rumors of ‘Badlock’ and then the site announcing it began making the rounds. The domain was registered by Johannes Loxen out of Germany on March 11, 2016, to…