Having spent most of this week editing @i41nbeer 184-page “blogbook”, I’d like to highlight three things so they don’t get missed:
1. @5aelo's JSC exploit piece (https://googleprojectzero.blogspot.com/2019/08/jsc-exploits.html …) on patch gapping and n-day bugs being used as an easy way to score 0-day like capabilities
-
Prikaži ovu nit
-
2. The high rate of vulnerability discovery collisions between our team and real world attackers. Pressuring vendors to patch quickly, as well as vendors working hard to encourage quick patch adoption, is stopping demonstrated end-user harm.
5 proslijeđenih tweetova 38 korisnika označava da im se sviđaPrikaži ovu nit
3. The unglamorous but important work of code testing and review. Uncaught software development errors can have a huge impact on device security. Shout outs to all the testing/review/QA peeps out there - hopefully you can use these posts for more funding for your future work!
00:35 - 31. kol 2019.
0 replies
11 proslijeđenih tweetova
54 korisnika označavaju da im se sviđa
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.