Bug Parade with all headliners, zero-days and malware news

Recently, there has been a lot of news about ransomware and their types. Nvidia and google chrome began to release updates more often. Vulnerabilities: Nvidia, Google Chrome and cool report from NSA;Tools: New PlumHound module (BlueHound), tool for SOC analysts and etc.;News: Malware, attacks and games;Research: Have you ever heard about Flare-On? It was attached … Continue reading Bug Parade with all headliners, zero-days and malware news

Microsoft patch, powerfull malware and zero-days

Macrosoft, as usual, closed one problem - two new ones appeared. In this weekly digest there are many mentions of using the latest vulnerabilities in attacks. It shows the impact of vulnerability managment process and what happens if you don't do it. Vulnerabilities: Default Microsoft patch, too critical vulnerabilities in VPN soft and etc.;Tools: Mainly … Continue reading Microsoft patch, powerfull malware and zero-days

Monthly bunch of vulnerabilities in different directions and almost without hype

In this monthly overview we want to show you something that has not been written about yet, but at the end of the month we consider the most interesting and cool. Vulnerabilities: Several vulnerabilities for an enterprise, a few for regular users and a couple of non-standard ones worth knowing about;Tools: Other Undescribed Tools: web, … Continue reading Monthly bunch of vulnerabilities in different directions and almost without hype

ICS vulnerabilities, new features from GitHub and ransomware

More and more often, ICSs become the target of ransomware attacks. The industrial field is very important, besides this week came out a set of critical vulnerabilities. Also, GitHub released functionality to scan repositories and a lot of research materials to expose threats. Vulnerabilities: ICS 🙂 and vulnerability in the wild;Tools: Git, smbAutoRelay, etc;News: New … Continue reading ICS vulnerabilities, new features from GitHub and ransomware