Uncategorized – Page 109 – SSL and internet security news

On Vulnerability-Adjacent Vulnerabilities

February 15, 2021 infossl

exploits, incentives, patching, Security technology, Uncategorized, zero-day

At the virtual Enigma Conference, Google’s Project Zero’s Maggie Stone gave a talk about zero-day exploits in the wild. In it, she talked about how often vendors fix vulnerabilities only to have the attackers tweak their exploits to work again. From a MIT Technology Review article: Soon after they were spotted, the researchers saw one … Read More “On Vulnerability-Adjacent Vulnerabilities” »

Chinese Supply-Chain Attack on Computer Systems

February 13, 2021 infossl

backdoors, china, cybersecurity, fbi, fisa, intelligence, Internet of Things, national security policy, reports, Security technology, supply chain, Uncategorized

Bloomberg News has a major story about the Chinese hacking computer motherboards made by Supermicro, Levono, and others. It’s been going on since at least 2008. The US government has known about it for almost as long, and has tried to keep the attack secret: China’s exploitation of products made by Supermicro, as the U.S. … Read More “Chinese Supply-Chain Attack on Computer Systems” »