Tag Archives: Vulnerability Disclosure

Healthy Skepticism for “Year” of 0-day Oracle Bugs

– While I know that Cesar Cerrudo has shown proficiency at finding vulnerabilities. I worry when I read these two quotes next to each other on his website: We could do the Year of Oracle Database Bugs but we think a week is enough to show how flawed Oracle software is, also we don’t want to…

The Case for Full-Disclosure: When The Public Cannot Trust the Researchers, the Media or the Corporation

– There is major confusion about exactly what the Blackhat Apple wireless exploit represents. At various times it was reported that it was the flaw in the OS, the wireless driver shipped with the OS or a third-party wireless driver. The security researchers claim one thing, the press claims another…