It exploits a parser for #JBIG2—an obsolete file format. In today’s #SBBlogwatch, we wonder what other nasties lurk in unmaintained, legacy #OpenSource code.
— @Richi 😷 Jennings (@RiCHi) December 17, 2021
At @SecurityBlvd: https://t.co/GojEm4oOSo
Friday 17 December 2021
NSO Zero-Click Exploit: Turing-Complete CPU in Image File - Security Boulevard
SEAR+GP0 vs. NSO: Researchers have reverse engineered NSO Group’s recent zero-click iPhone exploit—from the Pegasus spyware suite. And it’s a doozy: People are using words like, “terrifying,” “alarming,” “dangerous,” “weird,” “amazing,” “impressive,” “brilliant” and “ridiculous.”
Wednesday 15 December 2021
U.S. Govt. CX EO | Mozilla Revenue | Log4j Latest - DevOps.com
In this week’s #TheLongView:
— @Richi 😷 Jennings (@RiCHi) December 15, 2021
1⃣ Improving U.S. #government #CX,
2⃣ how much money @Mozilla make, and
3⃣ the latest on the #Log4j / #Log4Shell débâcle.
At @DevOpsDotCom: https://t.co/LfQimL14bL
Tuesday 14 December 2021
Apple AirTag Android App is Absolutely Awful—Tracker Detect Fail - Security Boulevard
Follow the Money: Apple is proud to announce its anti-stalking app for Android. The Tracker Detect app lets Android users scan for malicious, hidden AirTag trackers placed by stalkers, thieves and other bad people. Sounds great, right? Except …
Good grief. In today’s #SBBlogwatch, we get lost.
— @Richi 😷 Jennings (@RiCHi) December 14, 2021
At @SecurityBlvd: https://t.co/YD5Ig76Q8p
Monday 13 December 2021
Update: Log4Shell RCE Zero-Day—Reactions and Recriminations - Security Boulevard
Java Considered Harmful: Last week’s critical bug in Log4j still reverberates ’round the racks. Disbelief quickly gave way to denial and bargaining.
Next up: Depression and acceptance. In today’s #SBBlogwatch, we wave goodbye to @Java.
— @Richi 😷 Jennings (@RiCHi) December 13, 2021
At @SecurityBlvd: https://t.co/vKl9vMyGq6
Subscribe to:
Posts (Atom)