Couple huge patches, hackers, update for Vulners interface and other news

Check out the updated Vulners interface! Argentina shows about every few months why information security is important. For example, this month the passports of all residents of the country appeared on the network. There were also important updates for Oracle products and a fix for vulnerabilities in Google browsers. You can always contact with us … Continue reading Couple huge patches, hackers, update for Vulners interface and other news

Microsoft Monthly Patch, exploit competition and attacks

The second Tuesday of each month traditionally pleases the user with a Microsoft update. The annual Tianfu Cup was also held in which researchers demonstrate zero-day vulnerabilities with exploits for them. And the final stage of our digest is the most recent attacks. Vulnerabilities: Microsoft weekly patch, emergency for Apple and Tianfu Cup;Tools: ThreatMapper, EDRHunt … Continue reading Microsoft Monthly Patch, exploit competition and attacks

Open-source Twitter, weekly google patches and other fails

Twitter has become an open source project this week. Check out the cool research from ESET and Kaspersky teams. A typical week in information security. Vulners is helping thousands of users stay away from Twitter this week. Don't be like heroes from our news, install patches and keep an eye on security. Vulnerabilities: Apache, Honeywell … Continue reading Open-source Twitter, weekly google patches and other fails

Another day (week/month) -> another 0-day

Read about all the most important vulnerabilities in our digests and reviews. Update this month we have expanded the section with the Research, today it contains more research articles, analysis of new malware and attacks. Note that a button has been added for Tools to directly download utilities. Vulnerabilities: SonicWall, few zero-days for Chrome, 0-days … Continue reading Another day (week/month) -> another 0-day

LAW ENFORCEMENT SUCCESS and One patch: bunch of vulnerabilities

Recently, the number of vulnerabilities that come out in a single patch and the frequency of updates have been going up a lot. On the one hand it is great that vendors fix vulnerabilities fast enough, but on the other hand it is frightening to see more of them. Stay on the latest with Vulners! … Continue reading LAW ENFORCEMENT SUCCESS and One patch: bunch of vulnerabilities

Vulnerability patches and news pack for those who rarely update their software

Several packs of vulnerabilities from the most important buckets with zero-day vulnerabilities. Many of them are already being exploited in the wild. The news section shows the consequences of not installing important updates on time. If your software is in this digest - update it urgently. Vulnerabilities: Microsoft patch, Google 10th zero-day, Apple patch;Tools: DNSTake, … Continue reading Vulnerability patches and news pack for those who rarely update their software

Build exploits for zero-days and try to test their Confluence

Over the past week, the main zero-day vulnerabilities with unreleased patches from Microsoft, which, as usual, very quickly began to be exploited in the wild. And a couple of demonstrative news about why it is worth fixing vulnerabilities in your networks as quickly as possible. Vulnerabilities: Microsoft unpatched fail with exploit/PoC, Netgear devices, Android and … Continue reading Build exploits for zero-days and try to test their Confluence

Non-hype vulnerabilities and news in Vulners monthly review

Microsoft in our weekly digests of this month. Traditionally, it was collected underestimated and unmentioned vulnerabilities with the news of the past month. There will be vulnerabilities in Kindle and Trend Micro, and news about hackers in white hat and new trends in attacking guys.*All information was harvested by the author's hands via Vulners DB … Continue reading Non-hype vulnerabilities and news in Vulners monthly review

RCE with exploit in Confluence Server and Confluence Data Center (CVE-2021-26084)

On August 25, Atlassian reported a critical Remote Code Execution vulnerability in Confluence Server and Confluence Data Center. The vulnerability allows an authenticated user, and in some cases an unauthenticated user, to execute arbitrary code in Confluence Server and Confluence Data Center. Today, September 1, an article was published with a research of the vulnerability … Continue reading RCE with exploit in Confluence Server and Confluence Data Center (CVE-2021-26084)

Keep in save your devices, patch critical systems and stay on the latest

Apparently this month there is a boom in vulnerabilities in various devices. Ransomware continues to be active, improving encryption methods and introducing new techniques in attacks. But even the largest vendors are determined, after all, it's not for nothing that they miss the pack of startups in recent months. Vulnerabilities: Gaming devices, Apple exploit, TOP … Continue reading Keep in save your devices, patch critical systems and stay on the latest