What’s better? Disclose early, patch fast? Or dig deep, disclose in full, patch more slowly?
Apple patches zero-day kernel hole and much more – update now!
You’ll find fixes for numerous kernel-level code execution holes, including an 0-day vulnerability in many (though not all) versions.
Firefox out-of-band update to 100.0.1 – just in time for Pwn2Own?
A new point-release of Firefox. Not unusual, but the timing of this one is interesting, with Pwn2Own coming up in a few days.
He cracked passwords for a living – now he’s serving 4 years in prison
Crooks don’t need a password for every user on your network to break in and wreak havoc. One could be enough…
S3 Ep82: Bugs, bugs, bugs (and Colonial Pipeline again) [Podcast]
Latest episode – lots to learn – plain English – fun with a serious side – listen now!
Serious Security: Learning from curl’s latest bug update
Learn how to write plain-speaking and purposeful security advisories from one of the most widely-used open source tools in the world.
Colonial Pipeline facing $1,000,000 fine for poor recovery plans
How good is your cybersecurity? Are you making the same mistakes as lots of other people? Here’s some real-life advice…
RubyGems supply chain rip-and-replace bug fixed – check your logs!
Imagine if you could assume the identity of, say, Franklin Delano Roosevelt simply by showing up and calling yourself “Frank”.
S3 Ep81: Passwords (still with us!), Github, Firefox at 100, and network worms [Podcast]
Latest episode – listen now!
You didn’t leave enough space between ROSE and AND, and AND and CROWN
What weird Google Docs bug connects the words THEREFORE, AND, SECONDLY, WHY, BUT and BESIDES?