Timely patching for your WordPress with Vulners scanner

The Vulners team presents a new service - Vulners Scanner for WordPress. It's a plugin for your WordPress projects that uses the Vulners API to detect vulnerabilities in a resource based on vulnerable packages. Read this quick preview and enjoy using: IntroductionHow to use it?Conclusion Vulners scanner Introduction Over the past year, we have often … Continue reading Timely patching for your WordPress with Vulners scanner

Old vulnerabilities in new format (unfixable)

There was not much news this week, but all the important ones are in our digest. A couple of updates for the Linux kernel and an old-new vulnerability from Microsoft that has been around for several years. In addition, a little about malware and good news for the victims of REvil. Vulnerabilities: unfixable Microsoft bug, … Continue reading Old vulnerabilities in new format (unfixable)

Weekly Digest: How many patches does it take to fix one vulnerability? And for more?

Microsoft has made several attempts since June, but the author of the mimikatz continues to bypass all the patches. Likewise, other vendors have tried to close a bunch of zero-day vulnerabilities, so you can protect yourself (or not) from ransomware.Even though the most dangerous of ransomware gangs are out, most of them continue to evolve … Continue reading Weekly Digest: How many patches does it take to fix one vulnerability? And for more?

Breaking news/digest for a whole week

Not many vulnerabilities appeared this week, almost no zero-days. But all the mentioned vulnerabilities are critical and need to be fixed urgently. Unfortunately, there are updates that do not work, or rather work, but not completely and still work. Read our digest and it will become more clear! Of the news, we don't post the … Continue reading Breaking news/digest for a whole week

Monthly red digest with red vulnerabilities and incidents

Microsoft is the headliner of the outgoing month. Too many too critical vulnerabilities in the last month. Also, other vendors with zero-day and 1-click vulnerabilities are worth noting. In addition to vulnerabilities, there were several high-profile hacks and news about ransomware + some APT for our monthly digest. Vulnerabilities: Microsoft, IOT, Nvidia, Atlassian, Western Digital … Continue reading Monthly red digest with red vulnerabilities and incidents

Lots of ransomware with couple vulnerabilities

This week there was a lot of news related to ransomware, including the closure of Binance cryptocurrency exchanges in many countries due to money laundering. Not all vendors can fix vulnerabilities the first time, which is one way zero-day vulnerabilities appear. Vulnerabilities: Pling application store, tons of vulnerabilities from Nvidia and unpatched SonicWall;Tools: SSH bruteforcer … Continue reading Lots of ransomware with couple vulnerabilities

Weekly/daily zero-days and ransomware news

This week Apple and Google fixed zero-day vulnerabilities. More information about APTs and ransomware. All this proves once again that vulnerability management process in information security is just as important as the others. Vulnerabilities: Few zero-days from Chrome and Apple, cool Instagram bug and do you use paint?Tools: Event killer, aim to shellcoders, Rustcat (like … Continue reading Weekly/daily zero-days and ransomware news

Several vendor’s emergency patches, Kubernetes alarms and others

The second week of the month traditionally increases the amount of work for IT services in companies. Lots of zero-day vulnerabilities from several major vendors. Also, malware news. After all, not every day attackers use Kubernetes for mining. Read more about other threats Vulnerabilities: Microsoft, Intel and Chrome with tons of patches + critical for … Continue reading Several vendor’s emergency patches, Kubernetes alarms and others

Monthly Vulners Review with TOP vulnerabilities and news

This month, Vulners published new functionality for auditing Linux CentOS via Errata plugin (like RHEL). After that, we updated our new docs and wrote current monthly review of the top news. This month was full of zero-day, critical patches (not for everyone) and many different hacks with information security news. Vulnerabilities: Mobile processors, Realtek, Cisco, … Continue reading Monthly Vulners Review with TOP vulnerabilities and news

Install relevant security updates for CentOS with Errata plugin from Vulners

The Vulners team presents an additional auditing method for Linux CentOS distributions of versions 7 and 8 via errata for centos. Errata is a yum-plugin-security for installing only security updates/patching individual vulnerabilities on Linux systems. What is the point of installing ALL UPDATES every time? Let's tell you more. Free CentOS errata from Vulners Introduction … Continue reading Install relevant security updates for CentOS with Errata plugin from Vulners