vulnerability analysis

October 6, 2020

THREAT RESEARCH

90 days, 16 bugs, and an Azure Sphere Challenge

1 min read

Cisco Talos reports 16 vulnerabilities in Microsoft Azure Sphere’s sponsored research challenge. By Claudio Bozzato and Lilith [-_-]; and Dave McDaniel.   On May 15, 2020, Microsoft kicked off the Azure Sphere Security Research Challenge, a three-month initiative aimed at finding bugs in Azure Sphere. Among the teams and individuals selected, Cisco Talos conducted a […]

July 2, 2019

THREAT RESEARCH

Vulnerability Spotlight: Remote code execution vulnerabilities in Simple DirectMedia Layer

1 min read

Simple DirectMedia Layer contains two vulnerabilities that could an attacker to remotely execute code on the victim’s machine. Both bugs are present in the SDL2_image library, which is used for...

August 2, 2018

THREAT RESEARCH

Exploitable or Not Exploitable? Using REVEN to Examine a NULL Pointer Dereference.

1 min read

It can be very time-consuming to determine if a bug is exploitable or not. In this post, we’ll show how to decide if a vulnerability is exploitable by tracing back...