Pager 20 - Senthorus Blog

Confluence Zero-Day CVE-2023-22515

CVE-2023-22515 is a critical Confluence flaw allowing remote attackers to create admin accounts; patching is urgent to prevent exploitation.

By Leo Duntze

CVE-2023-4911 A buffer overflow in the GNU C library

The "Looney Tunables" CVE (CVE-2023-4911) in GLIBC 2.34 allows local privilege escalation via a buffer overflow in the "GLIBC_TUNABLES" variable.

By Luc Meier

General Knowledge

Encrypted Client Hello - The Price of Privacy

Encrypted Client Hello (ECH) in TLS 1.3 enhances privacy by concealing the client's destination, but raises challenges in security, compliance, and regulation.

By Jimmy Vuadens

Malware Analysis Report

Hermetic Wiper Threat Report

Read the full "Hermetic Wiper Threat Report" PDF to learn more about this threat.

By Natacha Bakir

Key controls for ICS environment

Industrial networks face unique security challenges; segmentation, monitoring, and secure design are key to protecting critical OT systems.

By Youssef El Maimouni