Posts tagged Expert Commentary

3 min Project Heisenberg

No More Tears? WannaCry, One Year Later

WannaCry, one year later, and what happened to the SMB target environment.

4 min Vulnerability Management

CVE 100K: A Big, Round Number

There have been 100,000 CVEs published. That's a big, round number.

6 min Vulnerability Management

CVE 100K: By The Numbers

There have been 100,000 CVEs published. Here are some stats on the program so far.

5 min Expert Commentary

Actually, Grindr is Fine: FUD and Security Reporting

On Wednesday, March 28, NBC reported Grindr security flaws expose users' location data [https://www.nbcnews.com/feature/nbc-out/security-flaws-gay-dating-app-grindr-expose-users-location-data-n858446], a story which ticks a couple hot-button topics for security professionals and security reporters alike. It’s centered around the salacious topic of online dating in the LGBT community, and hits a personal safety concern for people using the app everywhere, not to mention the possibility of outing

3 min Vulnerability Management

Cisco Smart Install (SMI) Remote Code Execution: What You Need To Know

What’s Up? Researchers from Embedi discovered [https://embedi.com/blog/cisco-smart-install-remote-code-execution/] (and responsibly disclosed) a stack-based buffer overflow weakness in Cisco Smart Install Client code which causes the devices to be susceptible to arbitrary remote code execution without authentication. Cisco Smart Install (SMI) is a “plug-and-play” configuration and image-management feature that provides zero-touch deployment for new (typically access layer) switches. The feature

6 min Vulnerability Management

The Wi-Fi KRACK Vulnerability: What You Need to Know

Everything you need to know about the recently disclosed KRACK vulnerability affecting Wi-Fi security protocols (WPA1 and WPA2).