Collaborate Disseminate
A security researcher has published a zero-day flaw in a commonly-used virtual machine management system without notifying the vendor, justifying it with a scathing critique of the infosecurity industry. Continue reading Ranting researcher publishes VM-busting zero-day without warning
Command injection vulnerabilities and accessible default admin credentials in home routers distributed by Thailand’s largest broadband provider remain unpatched despite private disclosures to the vendors last July. Continue reading Router Vulnerabilities Disclosed in July Remain Unpatched
St. Jude Medical yesterday filed a lawsuit alleging that Muddy Waters and Med Sec made false claims and attempted to manipulate St. Jude stock. Continue reading St. Jude Alleges False Claims, Stock Manipulation in Suit Against Med Sec, Muddy Waters
Current versions of IBM SDK 7 and SDK 8 remain vulnerable to a 2013 Java vulnerability. Security Explorations discovered the original patch is broken and disclosed details on the flaw and a proof-of-concept exploit. Continue reading Broken IBM Java Patch Prompts Another Disclosure