CVEs ARE DYING - ThreatWire

⬇️ OPEN FOR LINKS TO ARTICLES TO LEARN MORE ⬇️

@endingwithali →

0:00 Intro
0:12 - The NVD is MIA
2:09 - Linux Foundation CVE Reporting Changed
4:16 - Cisco Acquires Splunk
4:20 - It’s Literally Black Market Extortion
6:06 - Is the AT&T Leak Real?
7:02 - OUTRO

LINKS
🔗 Story 1: The NVD is MIA
🔗 Story 2: Linux Foundation CVE Reporting Changed
This story had help with sourcing by Karl and Lacey! Thank you for the help!
🔗 Story 3: Cisco Acquires Splunk
🔗 Story 4: It’s Literally Black Market Extortion
🔗 Story 5: Is the AT&T Leak Real?

____________________________________________

Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community – where all hackers belong.

Comments

The CVEs not being reported until they are fixed means vulnerabilities will exist without that information being provided to parties that need to deal with it until a fix is available.

ViolentOrchid

We had an IT recruiter come in to our college class and he basically said stop trying to beautify your resumes. Put the important things that qualify you for the job and your contact info at the top, and leave the work history and whatnot towards the bottom/next page.

eeeeeeeeeeeeeeeeeeeeeeeee

This is a fantastic episode pointing to the fact that so many of these CVEs were at scale in years past. Today the level of sophistication of threats and a legitimate capability to keep up and categorize and process them in this model simply does not scale. Regardless of what happens, a change to the model must take place.

mytechnotalent

They have already found all vulnerabilities in Windows, now they are going to completely find all the ones for Linux. They know some cannot be fixed, and some can, but they are all aware of all Windows vulnerabilities, including future ones. This does not mean that they will stop their dedication to finding them. Now that more people are using Linux, including the great gamer migration and because of Proton implementation within Steam, the CVEs are now going up due to a shift in users on Linux. SteamOS is based around Linux, Android is Linux based, BlueStacks, and they have had even more time to prepare now that Windows has Linux for Windows. With the world turning more to open source products it will be getting much worse. This is why you Macs are going to see more CVEs also.

justinburris

Amazing the amount of CVEs that have no fixes. I use them for work all the time. Gonna suck when they get rid of some of them.

robgandy

We held a funeral for Splunk this week.

cphrpunk

👀 Appreciate your honesty about never being on the DW. You’re not missing much. Best to stay away from black holes….

Rico

Incognito was a textbook exit-scam. This just as Nemesis market got blasted by the German FEDS.
ShinyHunters back at it again, AT&T malding and balding.

TFKAT

Thanks sweetie🎉❤😊😊😊 Just ignore cowbell tee-shirt commenters.

Ms.Robot.

The stages of problem-solving for addressing the vulnerability problem, specifically in regards to the decline of CVEs, typically involve:

1. Identifying vulnerabilities
2. Evaluating vulnerabilities
3. Treating vulnerabilities
4. Reporting vulnerabilities

These stages are crucial in the vulnerability management process to effectively assess and mitigate security risks in IT infrastructure.

奧夫恰連科維塔利

Good info. Do you think automated scanners like SonarQube will incorporate these new CVE feeds?

cloudshock_dev

Watching their video still feels like early 2000s.

akashsrivastava

SORRY FOR BEING HOT AND SMART LMFAO GET EM!!

papa_sweep

Ali should interview @LaurieWired on camera. That would be an interview to remember.

ewasteredux

Somebody tell Linux patched CVEs are remediations not vulns. Duh.

jpo

Great job on the video! As CVEs continue to get more common with more and more bug bounty hunters out there every day, I really hope that the reporting structure continues to evolve. Hi Twitch Chat! Ali, what does that pink sign behind you say? Also DRIP CHECK time Ali pog

thefrub

Incognito tried to extort me but they couldn't find my history.

tony_solar

Great follow up shirt, after last week ❤

jamespifher

Manager:
I look for a competent individual that is a critical thinker. Enough paper pushers and people who can't think for themselves, sick of printing silly meme-worthy motivational posters, just need people that don't need their hands to be held (at least not for more than 2-3 weeks until they figure out where they fit in).

jamess

Seven words that make algorithms love You.

Jerhyn