All topics
The process of developing and deploying exploits is a complex and controversial one and it’s often a black box to outside observers. To help shine a light on how this all works, Caitlin Condon of VulnCheck joins Dennis Fisher for a deep dive into the zero day exploit landscape, what goes into exploit development, and […]
Out of 42 unique zero days tracked by Google in 2025, 18 were attributed to CSVs, while 15 were linked to state-sponsored espionage groups.
Without context, the KEV catalog is just a very large collection of data. Tod Beardsley is the former CISA KEV section chief, and he recently released a paper called KEVology that provides key context and evaluates the value of certain enrichment signals.
Tod Beardsley, VP of security research at runZero and former KEV section chief at CISA, joins Dennis Fisher to talk about the evolution of the Known Exploited Vulnerabilities catalog, how much value defenders should place on a specific bug being in the KEV, and his new KEVology report that breaks down all of the data […]
Cisco released software updates on Feb. 25 to fix the vulnerability, which affects both on-premises and cloud deployments of the Catalyst SD-WAN Controller.
It’s a light news week, but we have some fun content for you! This week, we talk about our latest hacker movie episode–STAR WARS–which is up on the site and all of our feeds now (0:25), then we dig into a nasty hard-coded. credential bug in Dell RecoverPoint for Virtual Machines that Chinese threat actors are exploiting […]
