Latest news with #FreeBSD
Techday NZ
4 days ago
- Techday NZ
TRU wins top honours for OpenSSH vulnerability research at Pwnie Awards
The Qualys Threat Research Unit (TRU) has received two awards at the Pwnie Awards in recognition of its recent threat research concerning vulnerabilities in OpenSSH and FreeBSD. Recognition at Pwnie Awards The TRU was acknowledged for its discovery of major cybersecurity vulnerabilities, earning the titles 'Epic Achievement' and 'Best Remote Code Execution (RCE)' at the event. These accolades commend the team's work in both regression discovery and the responsible disclosure of high-impact security flaws. The Pwnie Awards are recognised within the cybersecurity research community as a benchmark for outstanding accomplishments related to the identification and resolution of security vulnerabilities. The dual recognition for TRU underscores the significance of the team's recent findings in the wider industry. Uncovered vulnerabilities The Epic Achievement award was given for the uncovering of two notable vulnerabilities within OpenSSH: CVE-2024-6387, informally known as 'regreSSHion', identified as the first pre-authentication RCE vulnerability in OpenSSH in almost two decades. CVE-2025-26465, a machine-in-the-middle vulnerability affecting OpenSSH's client, which resulted in FreeBSD systems being vulnerable by default for close to ten years. TRU was also recognised in the Best RCE category for CVE-2024-6387 ('regreSSHion'). This rare vulnerability involved a signal handler race condition in the OpenSSH server's default configuration, potentially enabling exploitable heap corruption. The identification of this flaw has broad significance due to the wide adoption and longstanding reputation of OpenSSH in secure communications. Company and leadership commentary "Qualys has a rich legacy of groundbreaking vulnerability research that sets us apart, delivering genuine expertise in a crowded market," said Sumedh Thakar, president and CEO of Qualys. "I'm proud to see our TRU team recognised for their vital role in discovering critical vulnerabilities in widely used applications, such as OpenSSH. This work strengthens the security community through responsible disclosure and gives customers a critical edge. It provides premium research that helps security teams understand exploit impacts faster and defend more effectively." The TRU has consistently collaborated with software vendors on the responsible disclosure of vulnerabilities. This commitment to swift and effective resolution contributes not only to the company's user base but also to broader improvements in cybersecurity standards. Over the last five years, TRU has accumulated 14 Pwnie Award nominations, winning four, evidence of its continued impact in the field. "These high-impact vulnerabilities in a core technology like OpenSSH affect millions of devices worldwide highlighting the importance of meticulous research and responsible disclosure," said Bharat Jogi, Senior Director, Vulnerability and Threat Research, Qualys TRU. "Our collaboration with open-source maintainers and the security community were key to rapid patches and strengthening security baselines. We're grateful to the Pwnie Award organisers and judges for recognising this work, which reflects not only our team's efforts, but a shared commitment to a safer internet." Broader implications The impact of these discoveries is notable given OpenSSH's prevalence as a core security technology. The vulnerabilities exposed by TRU, particularly the regreSSHion flaw, could have affected millions of devices. The subsequent collaboration and rapid patch development involved both open-source maintainers and wider industry stakeholders. The awards also reinforce the necessity of ongoing research and prompt disclosure in ensuring software remains resilient against emerging threats. By making research findings publicly available and liaising with affected parties, TRU demonstrates a model of effective engagement in the cybersecurity community. Follow us on: Share on:
Associated Press
31-07-2025
- Entertainment
- Associated Press
45Drives Announces Next Wave of Creators for 2025 Creators Summit in Wilmington, NC: Tom Lawrence, Craft Computing, and Allan Jude Join the Lineup
SYDNEY, NOVA SCOTIA and WILMINGTON, NC - July 31, 2025 ( NEWMEDIAWIRE ) - On the heels of the recent announcement that electronic music visionary and open tech advocate deadmau5 will headline this year's event, 45Drives is thrilled to unveil the next wave of featured participants for the 2025 Creators Summit, taking place September 8-12, 2025 in Wilmington, North Carolina. Joining this year's growing lineup are three of the most influential voices in open infrastructure and systems education: Tom Lawrence of Lawrence Systems, Jeff of Craft Computing, and Allan Jude, VP of Engineering at Klara Inc. and a long-time contributor to FreeBSD and OpenZFS. These creators will join engineers, customers, and community leaders for an unprecedented week of collaboration, technical deep-dives, and real-time content creation. Now in its third year - and hosted in the U.S. for the first time - the 2025 Creators Summit will be the company's most ambitious to date. The weeklong event will feature dual-track programming tailored to both enterprise users and creative professionals, along with the global debut of 45Studio, a new division and product suite designed for video editors, VFX artists, game developers, and other high-performance creative workflows. Tom Lawrence said, 'I'm looking forward to attending the 2025 45Drives Creators Summit. 45Drives doesn't just talk about supporting open source and innovation - they create real opportunities to make it happen. The summit brings together creators, engineers, and open-source advocates to collaborate and exchange ideas. Why creators? Because 45Drives believes these valuable conversations shouldn't stay within the walls of the event. They should be shared across our collective channels so others can learn from and benefit from the work being done.' This year's Enterprise Track will explore next-gen storage performance using ZFS, Ceph, and DRBD on bleeding-edge platforms like the Stornado F16. Engineers and creators will work hands-on with ultra-high-performance NVMe servers, real-world use cases, and open software stacks to stress-test what's possible in modern data infrastructure. In parallel, the Creative Artist Track will focus on open workflows for creators - from direct-from-server 4K editing to real-time game engine rendering. This track is built for independent filmmakers, music producers, YouTubers, and DIY professionals looking to push the limits of creative technology without vendor lock-in or legacy complexity. Dr. Doug Milburn, President and Co-Founder of 45Drives, said, 'This isn't just a tech summit - it's a philosophy in motion. We believe the open-source community gets stronger when creators are embedded in the process, not just reporting on it from the outside. This year, with the launch of 45Studio and our growing presence in the U.S., we're building a platform not just for open hardware, but for the future of creative and enterprise computing itself.' Allan Jude's presence brings deep systems-level insight to the summit's technical sessions. As a long-standing FreeBSD and OpenZFS committer and co-host of the podcast, Allan will join peer experts to explore the state of open-source file systems and infrastructure design at scale. Events will be held at 45Drives' new U.S. facilities and partner venues across Wilmington, with active participation from local education partners including UNCW and Cape Fear Community College. Many sessions will be open to the public, giving local creators, students, and IT professionals the opportunity to participate in live keynotes, demos, and panel discussions. With more creators, media, analysts, customers, and ecosystem partners still to be announced, 45Drives is setting the stage for its most collaborative and community-driven summit yet. To register or learn more, visit the official 2025 Creator Summit page: About 45Drives 45Drives is a division of Protocase Inc., specializing in large, scalable, and cost-effective open-source storage solutions. Based in Sydney, Nova Scotia, and Wilmington, North Carolina, 45Drives provides enterprise-grade hardware backed by a commitment to open standards, community education, and customer empowerment. From Ceph deployments to open-platform storage appliances, 45Drives helps clients all over the world take control of their data. Contact: Jonathan Phillips [email protected] View the original release on
