Available Microsoft 0-day , new SolarWinds vulnerability and others

Microsoft is surprised that they do not fix vulnerability zero with the existing PoC and there has been an exploit for the previous version of the bug for a long time. It is useless to post information about the SolarWinds hack, because there are too many of them and new facts (vulnerabilities) keep appearing. In … Continue reading Available Microsoft 0-day , new SolarWinds vulnerability and others

Monthly digest not just about FireEye and SolarWinds hacks

The last monthly digest this year turned out to be intense and interesting. There was a lot of news about various hacks and attacks, new methods of attacks were invented and new malware was discovered. Bottom line of this month: supply chain attacks exist and the secure Security Development Lifecycle is VERY IMPORTANT! Vulnerabilities: Apple … Continue reading Monthly digest not just about FireEye and SolarWinds hacks

Tuesday patch with Kerberos, bunch of vulnerabilities and security breaches

Lots of buzz about the FireEye hack this week, but most hack news is often a consequence of the lack of a vulnerability management process. Also this week a lot of vulnerabilities were found in Internet protocols and even Steam games. In our digests we try to show the most significant and interesting news for … Continue reading Tuesday patch with Kerberos, bunch of vulnerabilities and security breaches

Impressive IOS research, vulnerable android apps and malware news

The last couple of weeks are not so much cool news, but we have selected the most interesting and useful. In the contents you can find a short description for each section. Vulnerabilities: IOS research, android apps (check yours) and weblogic (again);Tools: Usefull tools. Depix and Karkinos should be tested;News: Only malware. IOS, Trickbot and … Continue reading Impressive IOS research, vulnerable android apps and malware news