Weāre at the end of July and the Zero Day Initiative (ZDI) has published 873 advisories so far. Thatās 273 advisories this month alone ā and thatās just the tip of the iceberg! Earlier this week, ZDI announced the Targeted Incentive Program, which brings over $1,500,000 USD in special bounty awards for specific targets. With…
Read More One night this week, I came across one of my favorite movies Willy Wonka and the Chocolate Factory. The world had gone crazy after the reclusive Willy Wonka announces that he has hidden five golden tickets in chocolate Wonka Bars that promised a factory tour and a lifetime supply of chocolate. Thereās a scene at…
Read More Earlier this week, I wrote a blog covering a couple of the statistics from the Zero Day Initiativeās (ZDI) first half of 2018. One of the stats that I didnāt cover is the increasing focus on enterprise applications. The team is seeing consistent growth in submissions of Microsoft and Apple vulnerabilities, but now theyāre also…
Read More
When the Zero Day Initiative (ZDI) was formed in 2005, the cyber threat landscape was a bit different from what we see today. Threats were a little less sophisticated, but there was one thing that we saw then that we still see now: the shortage of cybersecurity professionals and researchers. The team decided that with…
Read More The General Data Protection Regulation (GDPR) has been up and running for a couple of months now and your organization is compliant. Itās time to take a little break ā well, not so fast! Late last week, the State of California passed a new data privacy law called the California Consumer Privacy Act of 2018….
Read More
I have never reverse engineered anything, but I did dismantle a Betamax VCR and put it back together without an instruction manual. My little brother liked to use the tape slot as a garage for his Hot WheelsĀ® toy cars. We were usually able to take out the cars without any issues, but one day,…
Read More As I pull together the list of zero-day filters for this blog, I see all types of vulnerabilities from various vendors. My interest is always piqued when I see a vulnerability affecting a security company. The Zero Day Initiativeās (ZDI) interest was also piqued when the researcher Pagefault submitted a Bitdefender vulnerability to the ZDI…
Read More As a native Texan, Iāve seen more than my fair share of bugs – actual physical bugs that love the hot, humid Texas climate and my curly hair for some reason. The Zero Day Initiative (ZDI) sees many bugs (of the software variety), including those that affect SCADA control systems. Fritz Sands recently walked through…
Read More It was a busy day yesterday, with Adobe issuing four emergency patches for their Flash Player, including one for a zero-day being actively exploited in the wild. Adobe has indicated that CVE-2018-5002 was discovered being used in limited, targeted attacks on Windows users in the wild. The attacks use Microsoft Office documents embedded with malicious…
Read More I ended up at an urgent care clinic earlier this week and found out I have strep throat. The doctor who examined me asked me what medicine I had taken prior to my visit to help alleviate my throat pain, to which I replied, āI took a multi-symptom liquid medicine because the pain was keeping…
Read More
