Google's New Feature Ensures Your Pixel Phone Hasn't Been Hacked. Here’s How It Works

Pixel Binary Transparency is the latest security benefit for Pixel owners...

Who Contains the Containers?

Posted by James Forshaw, Project Zero This is a short blog post about a research project I conducted on Windows Server Containers that resulted in four privilege escalations which Microsoft fixed in March 2021. In the post, I describe what led to this research, my research process, and insights...

CVE-2020-15598

Trustwave ModSecurity 3.x through 3.0.4 allows denial of service via a special request. NOTE: The discoverer reports "Trustwave has signaled they are disputing our claims." The CVE suggests that there is a security issue with how ModSecurity handles regular expressions that can result in a Denial...

Mandriva Update for krb5 MDVSA-2010:245 (krb5)

Check for the Version of krb5 OpenVAS Vulnerability Test Mandriva Update for krb5 MDVSA-2010:245 krb5 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

The Penetration Testing Marketplace in 2010

By Nick Selby Managing Director, Trident Risk Management Vulnerability assessment vendor Rapid7 has announced the first of a series of steps to integrate its penetration testing and vulnerability assessment scanning products. The first step is a module that allows users of the Metasploit Framewor...