An Accidental Discovery of a Backdoor Likely Prevented Thousands of Infections
... Read more » The post An Accidental Discovery of a Backdoor Likely Prevented Thousands of Infections appeared first on Deepfactor ... Read More
Back from Hacker Summer Camp 2023: One CTO’s Experience
... Read more » The post Back from Hacker Summer Camp 2023: One CTO’s Experience appeared first on Deepfactor ... Read More
Back from Hacker Summer Camp 2023: One CTO’s Experience
... Read more » The post Back from Hacker Summer Camp 2023: One CTO’s Experience appeared first on Deepfactor ... Read More
Digging Into An Interesting New CVE
CVE-2023-38408, discovered by the Qualys Threat Research Unit (TRU), describes an RCE (remote code execution) vulnerability made possible by an unwanted interaction between OpenSSH’s ssh-agent executable, the dlopen() and dlclose() functions used by a process to load shared libraries, and various other deficiencies in libraries present (or installable) in many ... Read More
Digging Into An Interesting New CVE
... Read more » The post Digging Into An Interesting New CVE appeared first on Deepfactor ... Read More
Another Bug Caused by Memory Unsafe String APIs
A recent vulnerability came across my radar earlier this week. The description was vague but said: “There is a stack overflow vulnerability caused by strcpy.” This API first appeared in UNIX in the 1970s. There are many other APIs that don’t exhibit the same memory unsafety that these APIs do, ... Read More
CTO Observations from Hacker Summer Camp 2022
BSides LV / Black Hat 25 / DEF CON 30 (aka Hacker Summer Camp 2022) in Las Vegas is now in the rear-view mirror. In addition to news that continues to come out, especially around DEF CON, I wanted to highlight some sessions I attended across the three conferences and ... Read More
