Exploiting and Mitigating SeriousSAM / HiveNightmare
The Microsoft Patch Tuesday update on August 10, 2021 “addressed” SeriousSAM a.k.a. HiveNightmare (CVE-2021-36934). So it’s all fixed right? Not quite!
Recent Posts
CarolinaCon 15: Writing Exploit-Resistant Code With OpenBSD
On April 27, 2019, I gave a talk on how to use OpenBSD to write better software at CarolinaCon 15 in Charlotte.
Testing Your Snort Rules Redux
Exactly four years ago, I blogged about testing Snort rules on OpenBSD. That post described a quick way to test if Snort has correctly loaded your rules and ...
Dissecting OpenBSD’s divert(4) Part 1: Introduction
For more than four years I have been using and tinkering with OpenBSD’s divert(4). At one point after OpenBSD 4.9 was released, I ran into an annoying bug in...
reallocarray() in OpenBSD: Integer Overflow Detection for Free
The upcoming OpenBSD 5.6 release introduces a new libc function called reallocarray(3) that extends realloc(3) with built-in integer overflow detection. In t...