No CVE and No Accountability - Ed Skoudis - PSW #851
Paul's Security Weekly (Audio)
00:00
Navigating Cybersecurity Vulnerabilities
This chapter explores the limitations of relying solely on Common Vulnerabilities and Exposures (CVEs) in assessing security threats to legacy systems. It emphasizes the need for proactive vulnerability research and discusses the rise of zero-day exploits, the role of state-controlled hacking actors, and the accountability of software vendors. Through the lens of a significant data breach involving MoveIt, the chapter critiques the ongoing risks associated with known vulnerabilities in commonly used software.
Transcript
Play full episode
