Conversation
gergelykalman@infosec.exchange

gergelykalman

Since it's almost been a year and OBTSv7 is around the corner, I published the long overdue writeup for badmalloc:
https://gergelykalman.com/badmalloc-CVE-2023-32428-a-macos-lpe.html

4
4
0
raptor@infosec.exchange

Marco Ivaldi

Reply to @gergelykalman@infosec.exchange

@gergelykalman @buherator nice 👍

0
0
0
fink@chaos.social

Fink antifa

Reply to @gergelykalman@infosec.exchange

@gergelykalman
@lapcatsoftware

Is there a website where I can review a companys security handling?
E.g. how long they took from initial contact to acknowledgement, bounty handling, etc?

2
0
0
gergelykalman@infosec.exchange

gergelykalman

Reply to @fink@chaos.social

@fink @lapcatsoftware I don't know of any such thing

0
0
0
buherator

buherator

Reply to @fink@chaos.social
@fink @gergelykalman @lapcatsoftware I remember @thezdi and maybe Microsoft publishing similar info from their programs (ZDI handles multiple vendors), but have no links unfortunately.
1
0
1
buherator

buherator

Reply to @buherator
@fink @gergelykalman @lapcatsoftware @thezdi Oh and let's not forget Project Zero (data is open on their tracker and maybe they had some stats too?)
0
0
1
screaminggoat@infosec.exchange

Not a Goat 🦝

Reply to @gergelykalman@infosec.exchange

@gergelykalman cc: @shellsharks Designer Vulnerability badmalloc CVE-2023-32428

0
0
0
About infosec.place

Terms of Service

This is a placeholder, overwrite this by putting a file at 

$STATIC_DIR/static/terms-of-service.html

See the Static Directory docs for more info.