Collaborate Disseminate
For June’s Patch Tuesday Microsoft is patching 50 CVEs and releasing 2 advisories. Adobe Flash is back, as always, with a roll up patch for multiple remote code execution vulnerabilities. Since a zero day remote code exploit was discovered in…
Continue reading Patch Tuesday, June 2018
An Adobe advisory regarding a zero-day vulnerability in Adobe Flash Player was published late last week. In this advisory, Adobe states that it is aware of “limited, targeted attacks” exploiting the vulnerability with the attack vector being an office … Continue reading Adobe Flash Player 0-Day (CVE-2018-5002)
“We are all honorable men here, we do not have to give each other assurances as if we were lawyers.” ― Mario Puzo, The Godfather In the seedy depths of the dark web you will find an underground subculture brimming…
Continue reading Underground Code of Honor
“We are all honorable men here, we do not have to give each other assurances as if we were lawyers.” ― Mario Puzo, The Godfather In the seedy depths of the dark web you will find an underground subculture brimming…
Continue reading Underground Code of Honor
hullabaloo [huhl-uh-buh-loo], noun, plural hullabaloos. a clamorous noise or disturbance; uproar. Recently there has been a hullabaloo about a vulnerability called EFAIL, that, as is the fashion these days, came with its own website, and logo, here. EF… Continue reading Breakdown of the EFAIL Email Vulnerabilities
A zero day exploit was discovered targeting trade agencies and other related organizations in China toward the end of April. The vulnerability is a Use-After-Free (UAF) memory corruption bug in the Microsoft VBScript engine. By taking advantage of the … Continue reading CVE-2018-8174 and Forcing Internet Explorer Exploits
A few weeks ago, I came across a vulnerability that affected all current versions of Electron at the time ( Continue reading CVE-2018-1000136 – Electron nodeIntegration Bypass
May’s Patch Tuesday is here and it looks like these monthly releases have plateaued at around 70 CVEs patched per month. May comes in with 68 CVEs total including 21 rated “Critical”, 44 rated “Important”, and three rated “Low”. Among…
Continue reading Patch Tuesday, May 2018
Drupal, the popular Content Management System, (might) have seen better days. There’s been a lot of attention to it lately in regards to a nasty Remote Code Execution (RCE) vulnerability. In particular a number of builds in the 7.x and…
Continue reading “Drupalgeddon2” Recent Developments
Drupal, the popular Content Management System, (might) have seen better days. There’s been a lot of attention to it lately in regards to a nasty Remote Code Execution (RCE) vulnerability. In particular a number of builds in the 7.x and…
Continue reading “Drupalgeddon2” Recent Developments