True Key: the not so uncommon story of a failed patch
In this blog post, we examine the vendor-supplied patch addressing CVE-2018-6661. The vulnerability was initially reported to Intel Security (McAfee) in June 2017 and disclosed publicly
In this blog post, we examine the vendor-supplied patch addressing CVE-2018-6661. The vulnerability was initially reported to Intel Security (McAfee) in June 2017 and disclosed publicly
Author: Nitay Artenstein Introduction Fully remote exploits that allow for compromise of a target without any user interaction have become something of a myth in
Contributors: David Barksdale of Exodus Intelligence, Independent Security Researcher Jeremy Brown These are two vulnerabilities that allow a remote unauthenticated attacker to update firmware. If the
Contributors David Barksdale and Alex Wheeler 1. Background Earlier this year we reported 3 vulnerabilities in VxWorks to Wind River. Each of these vulnerabilities can be exploited
Vulnerability Development Master Class Since our inception, Exodus Intelligence has provided training courses on a variety of advanced subjects which have consistently been filled with students from
Contributors David Barksdale, Jordan Gruskovnjak, and Alex Wheeler 1. Background Cisco has issued a fix to address CVE-2016-1287. The Cisco ASA Adaptive Security Appliance is
Update (2015-08-13 1:16pm CST): We’ve been in contact with Zimperium and are working with them to provide coverage for detection of this flaw through their
In continuation of the previous blog Fairy Tails and Silver Bullets we present the technical details of the flaws found in I2P (Invisible Internet Project)
Introduction This week we made mention on Twitter of a zero-day vulnerability we’ve unearthed that affects the popular Tails operating system. As the Tails website
As promised, the follow up from our previous post. Before Thanksgiving, we left off with IE9 coughing up bytes. We’ll poke it some more today