@tobaslouis : Details of the OpenSSL vuln have now been released. Downgraded from Crit > High. No known exploit POC & no ITW exploitation. A big factor is that it would need pre-existing compromise of the CA path to even reach the vuln code. If that's happened, there are bigger problems. • TwiCopy

Toby Lewis

@tobaslouis

+ Follow

Global Head of Threat Analysis at @Darktrace. Previously @NCSC. All things Cyber Security Ops, Threat Hunting, Threat Intel and Incident Mgmt.

ID: 397245619

linkhttps://open.substack.com/pub/tobylewis calendar_today24-10-2011 12:45:45

480 Tweet

456 Followers

862 Following

Toby Lewis

@tobaslouis

3 years ago

Details of the OpenSSL vuln have now been released. Downgraded from Crit > High. No known exploit POC & no ITW exploitation. A big factor is that it would need pre-existing compromise of the CA path to even reach the vuln code. If that's happened, there are bigger problems.

thumb_up_off_alt1

chat_bubble_outline1

repeat1

shareShare