What Is Security Controls Validation? An Essential Guide

You wouldn’t wait for a real fire to find out if your smoke detectors work or if your team knows the evacuation route. You run fire drills. So why would you wait for a real cyberattack to test your security defenses? This is the simple, powerful idea behind security controls validation. It’s the...

Keylime 安全漏洞

Keylime is an open source extensible trust system for Keylime that utilizes TPM technology. A security vulnerability exists in keylime that stems from the inability of the keylime validation program to mark a TPM quote submitted by a device as having an error...

OTFCC Buffer Overflow Vulnerability (CNVD-2025-02610)

OTFCC is Caryll open source a C library and utility programs. Used to parse and write OpenType font files. A buffer overflow vulnerability exists in OTFCC version 0.10.4, which stems from a lack of proper validation of user-supplied data in the /release-x64/otfccdump+0x6c0bc3 file, which can be...

Cryptic Rumblings Ahead of First 2020 Patch Tuesday

Sources tell KrebsOnSecurity that Microsoft Corp. is slated to release a software update on Tuesday to fix an extraordinarily serious security vulnerability in a core cryptographic component present in all versions of Windows. Those sources say Microsoft has quietly shipped a patch for the bug to...

Google to Make Certificate Transparency Mandatory By 2017

Google is making Certificate Transparency mandatory for its Chrome web browser by October 2017. Google software engineer Ryan Sleevi made the announcement in conjunction with the CA/Browser Forum that took place in Redmond, Washington last week. The move is an attempt to reduce the number of doma...