From the Winter 2022 Issue

Releasing 0-Days Through Public Disclosure Only Helps Attackers

Alex Haynes
CISO | Cheshire Datasystems Ltd.

At 2:25pm, on the 9th of December 2021, an infamous (now deleted) tweet linking a 0-day proof of concept exploit for the vulnerability that came to be known as ‘Log4Shell’ on github (also now deleted), set the internet on fire and kicked off a holiday season of companies scrambling to mitigate, patch and then patch some more as further and further proof of concepts appeared . . .

Leave a Comment