Channel: OSVDB Blog : Category vulnerability-disclosure, everything about vulnerability-disclosure
Browsing latest articles
Browse All 11 View Live

Dr. Jekyll and Mr. Hide (Sun & Disclosure)

Today just happened to be the right day where I saw the Jekyll and “Hide” of Sun though. A few days ago, |)ruid posted about a Solaris ypupdated vulnerability in which he says it corresponds to...

View Article




Who's to blame? The hazard of "0-day".

This blog entry is probably worth many pages of ranting, examining and dissecting the anatomy of a 0-day panic and the resulting fallout. Since this tends to happen more often than some of us care to...

View Article

The Black Market Code Industry

Adam Penenberg wrote an article titled “The Black Market Code Industry” for FastCompany in which he details his research of two HP employees that actively sold exploit code in their spare time, at...

View Article

Who discovered the most vulns?

This is a question OSVDB moderators, CVE staff and countless other VDB maintainers have asked. Today, Gunter Ollmann with IBM X-Force released his research trying to answer this question. Before you...

View Article

Vendors & researchers, no more decade old embargo!

Vulnerabilities reported ten years ago, they have no impact on your customers. If they do, then you are woefully behind and your customers are desperately hanging on to legacy products, scared to...

View Article


Responsible Disclosure - Old Debate, Fresh Aspects?!

Earlier this evening, there was a Twitter debate regarding a proposed standard for responsible vulnerability disclosure. It referred to ISO/IEC 29147, a proposed standard for responsibly disclosing a...

View Article

Microsoft, Aurora and something about forest and trees?

Perhaps it is the fine tequila this evening, but I really don't get how our industry can latch on to the recent 'Aurora' incident and try to take Microsoft to task about it. The amount of news on this...

View Article

iDefense VCP as seen through OSVDB

In 2002, iDefense started their Vulnerability Contributor Program. The VCP was created to solicit vulnerability information from the security community and pay researchers for the information. Paying...

View Article


Fascinating Vulnerability and Glimpse Into 33 Year Old Pen-Testing

Today, we pushed OSVDB 82447 which covers a backdoor in the Multics Operating System. For those not familiar with this old OS, there is an entire domain covering the fascinating history behind the...

View Article


Researcher Security Advisory Writing Guidelines

Researcher Security Advisory Writing Guidelines Open Security Foundation / OSVDB.org moderators at osvdb.org This document has been prepared by the Open Security Foundation (OSF) to assist security...

View Article