Tag: Vulnerabilities
-
Let’s Talk About 0-days
[This was a first draft of an article to be published on the Flashpoint Threat Intel blog. Ultimately, parts of it were adopted for a different blog but the original remains considerably different. Curtis Kang contributed significantly to the finished blog below.] Zero-days (0-days and other variations) are exploitable vulnerabilities that the general public is…
-
When CVE Typos Become Advisories
For those who follow me on Twitter, you may notice a considerable number of my Tweets are related to pointing out or confirming CVE IDs that are typos. Recently I ran into an interesting edge case where a typo CVE ID gained life of its own. Typically such typos gain life through aggregation blogs that…
-
Rebuttal: Skeletons in the Closet
On April 22, 2022, Nate Warfield of Prevailion published an article on Threatpost on the topic of zero days. I’m a little late to this article, but because this horse still has some life in it apparently, I feel obligated to once again point out how the term ‘zero day’ has basically lost all meaning.…
-
Rebuttal: How to avoid headaches when publishing a CVE
On May 12, 2022, Adeeb Shah published an article on Help Net Security titled “How to avoid headaches when publishing a CVE”. Shah is a Senior Security Consultant with SpiderLabs, part of Trustwave. Note that it also appears on Trustwave’s blog and includes a second name in the byline, Bobby Cooke. For the sake of…
-
Forbes: Lazy Vulnerability Reporting & A Bit of Bias
It may have been almost two decades ago, I joked with colleagues that many Information Security news articles could just be done via Mad Libs. We later joked that breach notifications often appeared to be done via Mad Libs, using the same phrases with different organization names and the number of affected customers. Over the…
-
Sharks Are Scary but Worry About Mosquitoes
[This was originally published on RiskBasedSecurity.com and was included in the 2021 Mid Year Vulnerability QuickView Report.] It seems like every day that we hear about a new hack and read headlines that tell us that so-called advanced persistent threats (APT) are compromising major organizations. These APT and nation-state actors have incredible skill and seemingly…
-
Down The Vulnerability Rabbit Hole
[This was originally published on RiskBasedSecurity.com.] In a recent article, The Importance of a Living Database, we detailed why it is important to revisit entries as new information comes to light. Like the times, vulnerabilities are a-changin’. We’ve been known to revisit a vulnerability record over 1,200 times, which may seem excessive, and some may…
-
SolarWinds: Sitting on Undisclosed Vulnerabilities
[This was originally published on RiskBasedSecurity.com.] SolarWinds was in the news last year, as the victim of an attack that compromised its Orion Platform software by inserting a backdoor into it, allowing for remote code execution. This attack has had an incredible impact on the security industry and recently, interest in the SolarWinds breach has…
-
“Secure” E2E Messaging Apps: More Than Meets the Eye
[This was originally published on RiskBasedSecurity.com.] Secure messaging apps, often touted as having end-to-end (E2E) encryption, have become extremely popular in recent years. This popularity has increased even more in the last two months, likely influenced by increased anxiety over the power wielded by “big tech” and endorsement by celebrated tech business leaders like Elon…
-
Commentary on Radware’s Top Web Exploits of 2020
At the close of each year we see at least one article covering the top vulnerabilities / exploits from the prior year. This is usually written on the back of having large detection networks across the Internet that get a comprehensive view of exploitation. It’s a great way to get real intelligence for criminal hacking…