The Cavalry is a global grassroots organization that is focused on issues where computer security intersects public safety and human life. We strive to ensure that these technologies are worthy of the trust we place in them.
Media and Research Requests
For journalists of all media, please use my PGP key for e-mail communications. Most requests I receive are for validating claims of major security events or vulnerabilities.
About one out of every five events I examine turn out to be fully or partially true. Our little community is increasingly becoming filled with rotten apples.
There is also an assumption of anonymity on my part, with exceptions only in very specific and authorized situations.
For research discoveries and disclosure, I already have a trusted list of journalists. For individuals and groups looking to include me in their efforts, please communicate using my PGP key listed above. Do your due dilligence first. I get a lot of requests and vetting what is legitimate is time consuming..
18 October 2017 - A new attack method takes advantage a feature in Intel’s Skylake microprocessor allowing for post-intrusion application hooking and stealth manipulation of applications.
18 October 2017 - Organizations running PeopleSoft exposed to the internet should pay attention to a remote code execution vulnerability patched in the latest Oracle Critical Patch Update.
17 October 2017 - Three critical SQL injection vulnerabilities in Oracle's popular E-Business Suite make up a part of 250 bugs patched for the company's quarterly Critical Patch Update,…
17 October 2017 - Lenovo customers are being told to update their Android tablets and handsets to protect themselves against a handful of critical vulnerabilities impacting tens of millions of vulnerable Lenovo devices.
12 October 2017 - Just released:Snort Subscriber Rule Set Update for 10/12/2017We welcome the introduction of the newest rule release from Talos. In this release we introduced 34 new rules of which 17 are Shared Object rules and made modifications to 11 additional rules of which 0 are Shared Object rules. There were…
11 October 2017 - Please join the Snort team as we welcome the addition of Snort 2.9.11.0 to general availability!Snort 2.9.11.0 can be downloaded from the usual location on Snort.org.Below are the release notes:Snort 2.9.11[*] New additionsChanges to eliminate Snort restart when there are changes to the memory alloc…
10 October 2017 - Just released:Snort Subscriber Rule Set Update for 10/10/2017, MSTuesdayWe welcome the introduction of the newest rule release from Talos. In this release we introduced 33 new rules of which 6 are Shared Object rules and made modifications to 28 additional rules of which 2 are Shared Object rules. T…
5 October 2017 - Just released:Snort Subscriber Rule Set Update for 10/05/2017We welcome the introduction of the newest rule release from Talos. In this release we introduced 21 new rules of which 4 are Shared Object rules and made modifications to 12 additional rules of which 1 are Shared Object rules. There were n…
For research discoveries and disclosure, I already have a trusted list of journalists. For individuals and groups looking to include me in their efforts, please communicate using my PGP key listed above. Do your due dilligence first. I get a lot of requests and vetting what is legitimate is time consuming..
