The disclosure conversation has been quietly maturing all year. CERT's coordinated disclosure model and Bugtraq's full disclosure model are converging in interesting ways. A walk through where things now stand.
Two Cisco IOS advisories this month, both significant. The closed-source nature of IOS makes them harder to assess and harder to defend against. A walk through what this teaches about reliance on closed infrastructure.
Looking back at the year's CERT advisories and Bugtraq archive. The pattern is clearer than any individual advisory: the same classes of bug, in different software, on a steady drumbeat. The structural lessons are worth pulling out.
Microsoft's IIS web server has been the source of three serious advisories in the last two months. Every one is exploitable against installations using default settings. The pattern is becoming structural and the cost is paid by everyone, not just IIS operators.
DNS is critical infrastructure. The reference implementation that everyone runs has had a punishing year of advisories. A walk through what BIND has been doing wrong and what an operator can do about it.
Common Gateway Interface scripts are the easiest place in modern computing to introduce a remote-code-execution bug. Two examples from this week, with the actual mistakes called out.
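The two scripts from this week are not reproduced here, but the mistake behind most CGI remote-code-execution bugs is the same one: a field from the query string is pasted into a command line that a shell interprets. The following is an added illustration, not code from either script discussed in the post. It uses `echo` in place of a real tool such as `finger`, and the query strings are constructed for the demonstration.

```python
import re
import subprocess
from urllib.parse import parse_qs

# Pattern a hardened script should enforce on a username before it goes
# anywhere near a process: an allowlist, not a blocklist of metacharacters.
USERNAME_RE = re.compile(r"[a-z_][a-z0-9_-]{0,31}")


def vulnerable_lookup(query_string):
    """The classic CGI mistake: string-concatenate a request field into a
    command and hand it to a shell. Equivalent to Perl's
    `system("finger $user")` or C's `system()` with a sprintf'd buffer.
    `echo` stands in for the real tool so the example is harmless to run."""
    user = parse_qs(query_string).get("user", [""])[0]
    cmd = "echo looking up " + user          # untrusted data becomes shell syntax
    result = subprocess.run(cmd, shell=True, capture_output=True, text=True)
    return result.stdout


def hardened_lookup(query_string):
    """Same lookup without the bug: validate against an allowlist, then pass
    the value as a discrete argv element so no shell ever parses it."""
    user = parse_qs(query_string).get("user", [""])[0]
    if not USERNAME_RE.fullmatch(user):
        raise ValueError("rejected username: %r" % user)
    # shell=False: the kernel gets argv directly, ';' is just a character.
    result = subprocess.run(["echo", "looking up", user],
                            capture_output=True, text=True)
    return result.stdout


if __name__ == "__main__":
    # Constructed attack: "user=alice;echo INJECTED", URL-encoded so that
    # parse_qs behaves the same on every Python version.
    attack = "user=alice%3Becho%20INJECTED"
    print(vulnerable_lookup(attack), end="")   # second command runs
    try:
        hardened_lookup(attack)
    except ValueError as e:
        print("hardened script:", e)
    print(hardened_lookup("user=alice"), end="")
```

The allowlist is doing the real work in `hardened_lookup`; dropping `shell=True` alone would still let a caller pass unexpected flags or odd names to the underlying program. Both checks together are what an operator of that era's CGI scripts had to add by hand.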
On committing to read every post on a mailing list you barely understand. The first month of Bugtraq is a humbling experience. The second month, less so.