Security Archives - Digging Through Chaos

November 1, 2022November 1, 2022

OpenSSL Security Advisories – CVE-2022-3602 and CVE-2022-3786

OpenSSL have just published 2 HIGH security advisories — previously pre-announced as a single CRITICAL advisory

May 3, 2022May 3, 2022

Dell Technologies World 2022 – Day 1

2022 has seen me visit my first Vendor event since before COVID. It’s AWESOME to be back in person

March 18, 2022March 18, 2022

Importance of Source Code Management

A thought on security risks associated with code inheritance and supply chain security risks

November 13, 2019November 13, 2019

CVE-2019-11135 – Speculate the Unexpected

As some of you are no-doubt already aware, today a new speculative execution vulnerability was announced; speculate the unexpected Continue reading “CVE-2019-11135 – Speculate the Unexpected”

November 4, 2019November 4, 2019

BlueKeep Exploit

Remember that Remote Desktop ServicesÂ vulnerabilityÂ from May this year (2019)? … well, now BlueKeep has an active exploit!

Continue reading “BlueKeep Exploit”

October 21, 2019October 21, 2019

Protect your buckets !

Another day, another data privacy breach due to incorrect permissions on AWS S3 storage buckets Continue reading “Protect your buckets !”

August 3, 2019August 3, 2019

The ethics of hacking insulin pumps … in this blog post, I would like toÂ discuss a few thoughts about the pros, cons, and risks, of “playing” with a medical device! Continue reading “Hacking Insulin Pumps”

August 10, 2018

New Oracle Vulnerability – CVSS 9.9

Well there’s something I wasn’t expecting to see… into my inbox I received notification of a new Oracle vulnerability, and itÂ looks like a big one. Continue reading “New Oracle Vulnerability – CVSS 9.9”

May 3, 2018May 3, 2018

Time to change your Twitter Password

In a blog post today, Twitter announced that they had identified a bug thatÂ stored account passwords,Â in clear-text (unmasked), in an internal log. Continue reading “Time to change your Twitter Password”

January 27, 2018

2018 brings … Meltdown and Spectre!

So, 2018Â has really kicked off with a bang! Â If you use a computer, tablet, phone, etc (hint, if you think you’re not then how are you reading this page 😉 )… then you really need to be aware of one of the latest vulnerabilities … and, I would argue, one of the most significant the IT industry has faced to date!

World, meet Meltdown and Spectre Continue reading “2018 brings … Meltdown and Spectre!”