It’s January again, and as usual, various media outlets are busy reporting on vulnerability statistics from the previous year. As usual, the CVE Details folks have worked up a lot of hype based on CVE counts, and once again, the media has taken the bait with sensational headlines about Google’s Android being the most vulnerable product of 2016. For context,

For the third time in under a year, I’ve had to analyze a CVE against a third-party library I use that is related to CWE-502 De-serializing of Untrusted Data. In each case, the library maintainers have pushed back, correctly in my opinion, that the problem is not in the library itself but in the hosting application.Fortunately for me, my application is

Microsoft’s Patch Tuesday for October fixed another previous zero-day vulnerability in Internet Explorer (IE) via MS16-118 and MS16-126: CVE-2016-3298. Before the lid was put on it, the security flaw was employed alongside CVE-2016-3351 by operators of the AdGholas malvertising campaign, analysis and disclosure of which were made with our collaboration with

A study conducted by Recorded Future on PoC exploits shared online over the last year shows that social media is the main distribution channel. Security experts at the threat intelligence firm Recorded Future have conducted an interesting study on the proof-of-concept exploits shared online (e.g. On Twitter, on forum linking to personal blogs, GitHub, or Pas

According to data provided by the CVE Details Apple Mac OS X is the software with the highest number of vulnerabilities in 2015. Which is the software with the greatest number of publicly disclosed vulnerabilities in 2015? You will be surprised to know that the software with the major number of vulnerabilities is the Apple Mac

Since 2009, Red Hat has provided details of vulnerabilities with CVE names as part of our mission to provide as much information around vulnerabilities that affect Red Hat products as possible.  These CVE pages distill information from a variety of sources to provide an overview of each flaw, including information like a description of the flaw, CVSSv2 score

CC BY-SA CrowdStrike QEMU is a generic and open source machine emulator and virtualizer and is incorporated in some Red Hat products as a foundation and hardware emulation layer for running virtual machines under the Xen and KVM hypervisors. CVE-2015-3456 (aka VENOM) is a security flaw in the QEMU’s Floppy Disk Controller (FDC) emulation. It can be exp

The Verizon 2015 Data Breach Investigations Report has always had a conversational, quirky style to share some pretty technical information about the security breach data it analyzes. So, if you’re wondering what Prince has to do with vulnerability management, just know that when you read the full report, you’ll understand – a lot of song titles are used to

A vulnerability in Cisco IP phones could allow unauthenticated attackers to remotely listen in on the phones’ audio streams.According to an advisory Cisco published on its website, the vulnerability (CVE-2015-0670) results from improper authentication in the default configuration of certain Cisco IP phones.“An attacker could exploit this vulnerability by sen

I had an interesting discussion with a friend this morning. He explained that, when he is conducting a pentest, he does not hesitate to add sometimes in his report a specific finding regarding the lack of attention given to the previous reports. If some companies are motivated by good intentions and ask for regular pentests against their infrastructure or a

 Patch Tuesday, the unofficial day on which Microsoft regularly releases security updates for its software products, has long been a staple of the information security community.On the second (and sometimes fourth) Tuesday of every month, Microsoft releases a unique set of security bulletins that provide patches for a range of new Common Vulnerabilities

Shortly after disclosure of the Bash bug called "Shellshock" we saw the first attempts by criminals to take advantage of this widespread vulnerability also known as CVE-2014-6271. The most recent attempts we see to gain control of webservers just create a new instance of bash and redirect it to a remote server listening on a specific TCP port.

What is the "bash" vulnerability? The "bash" vulnerability, actually described as CVE-2014-6271, is an extremely powerful vulnerability due to its high impact and the ease with which it can be exploited. An attacker can simply execute system level commands, with the same privileges as the affected services. In most of the examples on the Internet right now,

There was a time when 9,999 vulnerabilities in a calendar year was an exaggeration of the problem. There was no way—folks at MITRE said in 1999—that they would have to produce that many CVE identifiers. The syntax for CVE identifiers supporting four digits was an unnecessary cushion.Yet here we are 15 years after that four-digit assumption was made and a maj