CVE-2020-10029: Buffer overflow in GNU libc trigonometry functions?!?
CVE-2020-10029 Vulnerabilities in the glibc functions cosl, sinl, sincosl, and tanl are due to an underlying common function. They are fixed in glibc 2.32 ...
CVE-2020-10029: Buffer overflow in GNU libc trigonometry functions?!?
Remember trigonometry, where you were given the length of two sides of a triangle and had to compute the third side? We vaguely remembered SOH CAH TOA, but not much more. One thing we would have bet $50 on: that there wouldn’t be a buffer overflow in basic trigonometric functions ...
Why Fuzzing Is Your Friend For DevSecOps
ForAllSecure CEO David Brumley walks readers through the quality assurance technique that uncovers coding errors and security loopholes during software vulnerability testing and assurance processes ...
Why fuzzing is your friend for DevSecOps
Leaders proactively mitigate risk. One large risk they can mitigate is being blindsided by an unknown software vulnerability. Attackers who find an unknown vulnerability potentially can exploit all of an agency’s systems. When agency IT teams find a vulnerability first, they can make sure it is fixed or remediated before ...
Game Theory: Why System Security Is Like Poker, Not Chess
The 1980s film “Wargames” asked a computer to learn whether global thermonuclear war made sense. In the film, thermonuclear war didn’t make sense, but what if, in real life, preemptive cyberattacks were our best hope for winning? Or better yet, what are the cyberwar scenarios and incentives when peace is ...
Mayhem Moves to Production with the Department of Defense
In 2016, Mayhem -- then still a research prototype -- showed that fully autonomous cybersecurity was possible. This was just the first step ...

