Heap overflow in the necp_client_action syscall

Heap overflow in the necp_client_action syscall

GRIMM
One of the things that is important to us at GRIMM is making sure there is time to experiment, and explore new ways of approaching problems. We want to answer the big questions like “How can we find vulnerabilities that other tools and manual analysis has overlooked?” This is what we are passionate about. So when one of our engineers has an idea for a new fuzzer, we try to make time for them to put their idea to the test.
A Three-Step Approach to Threats: What All Organizations Should Know (but Equifax Doesn’t)

A Three-Step Approach to Threats: What All Organizations Should Know (but Equifax Doesn’t)

Bryson Bort
Within the context of historical cyber breaches, this can be classified as a massive attack: Equifax, one of the “big three” credit-rating agencies, announced earlier this month thathackers gained access to the Social Security numbers, credit card data, driver’s licenses, home addresses and other personally identifiable information (PII) of up to 143 million Americans. Some two-dozen class-action lawsuits (and counting?) followed, along with stinging criticism from consumer groups and congressional leaders.