@cyb3rops I have struggled with choosing what is the right path here. I am just not sure that level of detail applies enough pressure to get it resolved. The pressure needs to come from their customers and they will apply more pressure if the risk of exploitation is higher.
The new @TrendMicro Vision One platform release marks a leap forward in enterprise #cybersecurity, encompassing robust attack surface risk management and next generation XDR - now amplified by powerful generative #AI technology.
Find out more here: https://t.co/pCoITYRAwu
The latest blog from the Trend Micro Research Team looks at CVE-2022-26937: a Microsoft Windows NFS NLM Portmap stack buffer overflow that could lead to RCE. They provide root cause, source code walkthrough, and detection guidance. https://t.co/FhKhIeoG35
@Dustin_Childs & @thezdi & @MaliciousInput provide examples of systemic problems with security patches and how those problems negatively impact enterprise security, based on disclosing over 9,500 vulnerabilities across 17 years, in #BHUSA Briefing https://t.co/eZFFqyEXiV
Day One of #Pwn2Own Vancouver 2022 comes to a close with record breaking numbers. $800,000 awarded for 16 0-days - our biggest 1 day total in contest history! No bug collisions. No failed attempts. No kidding. https://t.co/8CQPLUTMJA
Setup begins for #Pwn2Own Vancouver. Our drawing for order of events will be tomorrow afternoon (5/17/22). Our 15th anniversary is shaping up to be our best ever. #P2O
Since #Ubuntu has a new release, we will be using version 22.04 at #Pwn2Own Vancouver instead of 21.10. We've updated the rules to reflect this change. Hope to see you there. https://t.co/Z6wHN77aXt
We’re excited to announce that @TrendMicro has joined the Cortex XSOAR Marketplace! Learn more about Vision One here! https://t.co/IrSnXprXWq
#securityautomation#xsoar#marketplace#VisionOne
We have joined the Cortex XSOAR Marketplace! Trend Micro Vision One and Cortex will work seamlessly to simplify incident investigations and drive automated response. Learn more about Vision One here: https://t.co/YCrCDRi1ro
Zero Day Initiative — Looking Back at the Zero Day Initiative in 2021 https://t.co/yStLOoXVTn
Very proud of the team's accomplishments in 2021. Almost $4M awarded to the research community in total. Congratulations @trendmicro @thezdi!!
Some may say I have a fascination with tech gadgets. I typically argue, but after applying a firmware update to a softball just now, I think they may be right.
@NBohusch@GossiTheDog Good feedback. Certainly wasn't intentional. We were getting mostly mitigation questions when we initially authored the article. We added a link at the top to jump to our own product information to make it easier to find. Thanks!!
1/ #Log4Shell Status determination
# Block Rules / Log-Based Detection
There's no effective or rather gapless way to detect attacks that use log4shell due to the many ways to obfuscate the strings.
Don't put too much trust in any filter/detection pattern. All can be bypassed.
..