Security analysis tool Binwalk poses a risk to users running outdated versions due to a security pitfall that could lead to remote code execution. Researcher Quentin Kaiser discovered that a mistake in binwalk’s Professional File System extractor plugin has created a vulnerability that lets files be written outside of the extraction directory. Kaiser eventually alerted Microsoft-owned Refirm Labs to the issue, which released a patch for it after three months.
Why zero-trust and portless connectivity are no longer optional
The healthcare industry has experienced a 261% month-over-month increase in data breaches in July 2023. Ransomware and cyber threats are exploiting poorly managed solutions and