Zero Days

CUPS Vulnerability Response Resources

Resources and analysis on the latest zero days: CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177

Sep 27 •

CVE-2024-6387 Response Resources - "regreSSHion"

TL;DR: Qualys research team discovered an issue where you can exploit OpenSSH with a “brute force” like timing attack from the outside.

Jul 1 •

Understanding the Polyfill Attack (Polykill)

And some thoughts about what it shows about our tooling trends

Jun 29 •

Vulnerability Management and XZ Utils - Is there any hope?

CVE-2024-3094, Open Source Security, and VulnCon - Is there any hope?

Apr 2 •

#nojs-banner { position: fixed; bottom: 0; left: 0; padding: 16px 16px 16px 32px; width: 100%; box-sizing: border-box; background: red; color: white; font-family: -apple-system, "Segoe UI", Roboto, Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 13px; line-height: 13px; } #nojs-banner a { color: inherit; text-decoration: underline; } This site requires JavaScript to run correctly. Please turn on JavaScript or unblock scripts