Conversation
buherator
buherator
Who does updates over HTTP and without signature enforcement in 2024? Of course it's an AV: https://decoded.avast.io/janrubin/guptiminer-hijacking-antivirus-updates-for-distributing-backdoors-and-casual-mining/
1
1
4
eScan AV also seems like a truly professional company:
- While they have a Vulnerability Disclosure Program, there is no listing of security advisories (ProTip: always make sure your vendor has an advisory listing)
- There is a Hall of Fame though, that just outright discloses the email addresses of reporters, but no info about the vulns
- This CVE record references a blog post, that simply bitrotted: https://nvd.nist.gov/vuln/detail/CVE-2018-18388
- While they have a Vulnerability Disclosure Program, there is no listing of security advisories (ProTip: always make sure your vendor has an advisory listing)
- There is a Hall of Fame though, that just outright discloses the email addresses of reporters, but no info about the vulns
- This CVE record references a blog post, that simply bitrotted: https://nvd.nist.gov/vuln/detail/CVE-2018-18388
0
0
1