Read Time:3 Second
** REJECT ** This candidate is unused by its CNA.
Daily Archives: September 14, 2023
CVE-2009-3768
CVE-2008-7260
CVE-2008-7259
USN-6373-1: gawk vulnerability
Read Time:14 Second
It was discovered that gawk could be made to read out of bounds when
processing certain inputs. If a user or an automated system were tricked
into opening a specially crafted input, an attacker could possibly use
this issue to cause a denial of service.
USN-6372-1: DBus vulnerability
Read Time:9 Second
It was discovered that DBus incorrectly handled certain
invalid messages. A local attacker could possibly use
this issue to cause DBus to crash, resulting in a denial
of service.
Upcoming Speaking Engagements
Read Time:12 Second
This is a current list of where and when I am scheduled to speak:
I’m speaking at swampUP 2023 in San Jose, California, on September 13, 2023 at 11:35 AM PT.
The list is maintained on this page.
CVE-2021-28485
Read Time:7 Second
Ericsson Mobile Switching Center Server (MSC-S) BC 18A and IS 3.1 releases before IS 3.1 CP22 allows Directory Traversal.
BLASTPASS: Government agencies told to secure iPhones against spyware attacks
Read Time:15 Second
CISA, the United States’s Cybersecurity and Infrastructure Security Agency, has ordered federal agencies to patch their iPhones against vulnerabilities that can be used as part of a zero-click attack to install spyware from the notorious NSO Group.
Read more in my article on the Tripwire State of Security blog.
Greater Manchester Police latest force to suffer serious data breach
Read Time:14 Second
Uh-oh, yet another UK police force has suffered a serious data breach.
After the incidents involving Cumbria Police, Norfolk and Suffolk Police, and – perhaps worst of all – the PSNI in Northern Ireland, it’s now Greater Manchester Police finding itself in the hot seat.