One common term that is often seen in CVEs relating to the heap is "use-after-free". The use-after-free vulnerability exploits a mistake made by the original author of a software and can result in devastating effects that range from remote code execution to the leaking of sensitive data. In this blog I'll explain what a use-after-free vulnerability is and how it works...
While reviewing different types of vulnerability scanning tools and services, it became very clear that testing such tools would require at least some known vulnerable applications to be configured. However, doing so may take up a considerable amount of time and effort. We decided to use a collection of pre-configured Docker containers and a Bash script to speed up this process.
The last month has seen a spate of Wi-Fi vulnerabilities. Those that affect the Wi-Fi traffic are bad, but worse are those that allow attacks against the device itself. This blog provides an overview of the recent bugs, and offers some history on Wi-Fi exploitation.
In the height of the COVID-19 pandemic, and only essential workers being in the office, IT resilience and the operational practices of organisations are being tested on a global scale. This whitepaper outlines the importance of Implementing DevOps during this cultural change to ensure quality control whilst driving a faster time to market in the face of uncertainty.