Having spent most of this week editing @i41nbeer 184-page “blogbook”, I’d like to highlight three things so they don’t get missed:
1. @5aelo's JSC exploit piece (https://googleprojectzero.blogspot.com/2019/08/jsc-exploits.html …) on patch gapping and n-day bugs being used as an easy way to score 0-day like capabilities
-
-
3. The unglamorous but important work of code testing and review. Uncaught software development errors can have a huge impact on device security. Shout outs to all the testing/review/QA peeps out there - hopefully you can use these posts for more funding for your future work!
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
-
-
I read that blogpost a little different: Despite efforts of highly funded and insanely skilled teams to kill exploit chains, five separate exploit chains were being used for years in the wild before being detected, analyzed, and patched.
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
-
-
Is there a pattern of Quick Patch Adoption? Or something like Mitigation As Quick.
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.