This Week in Security: ClamAV, The AMD Leak, and The Unencrypted Power Grid

Cisco’s ClamAV has a heap-based buffer overflow in its OLE2 file scanning. That’s a big deal, because ClamAV is used to scan file attachments on incoming emails. All it takes …read more Continue reading This Week in Security: ClamAV, The AMD Leak, and The Unencrypted Power Grid

This Week in Security: Filename Not Sanitized, MonikerLink, and Snap Attack!

Reading through a vulnerability report about ClamAV, I came across a phrase that filled me with dread: “The file name is not sanitized”. It’s a feature, VirusEvent, that can be …read more Continue reading This Week in Security: Filename Not Sanitized, MonikerLink, and Snap Attack!