Discover and read the best of Twitter Threads about #simjacker
Most recents (1)
This thread is about #Simjacker.
A good friend asked me what I thought about it and I admitted I hadn't bothered to read up on it.
One of the things we did with @savagesec was that we wrote up advisories for our customers. A lot of them had to do with these 'named' vulns.
A good friend asked me what I thought about it and I admitted I hadn't bothered to read up on it.
One of the things we did with @savagesec was that we wrote up advisories for our customers. A lot of them had to do with these 'named' vulns.
My first impression is superficial and not positive. We've got all the red flags here.
🚩named vulnerability
🚩logo (animated, even!)
🚩dark, ominous video
🚩lacking key, important details
🚩lead gen form to download paper
🚩named vulnerability
🚩logo (animated, even!)
🚩dark, ominous video
🚩lacking key, important details
🚩lead gen form to download paper
I wrote up advisories for some big ones - BlueBorne, KRACK, EFail, Meltdown/Spectre and others.
In addition to the common denominators above, they all had some stuff in common. They claimed HUGE impact, when the impact was actually much smaller because of circumstances.
In addition to the common denominators above, they all had some stuff in common. They claimed HUGE impact, when the impact was actually much smaller because of circumstances.
