Typical zero-days and new malware features, what else is required?

All of the vulnerabilities mentioned in the post are critical, some of them zero-day vulnerabilities that need to be urgently updated in their own products. For the second week, our news consists of malwares that are hijacking new targets (like Apple contractor) and actively evacuating. Vulnerabilities: zero-day in PulseSecure, SonicWall and Chrome, but some of … Continue reading Typical zero-days and new malware features, what else is required?

New pack of vulnerabilities in TCP/IP stack, malware evolution and consequences of the Pwn2Own

In addition to the monthly update from Microsoft, a new set of critical vulnerabilities in the TCP/IP stack appeared this week. Also, some researchers are publishing exploits from Pwn2Own competitions. Not much bright news, but we've gathered the most significant and useful ones! Vulnerabilities: Microsoft monthly patch, pack of critical vulnerabilities in TCP/IP stack, regular … Continue reading New pack of vulnerabilities in TCP/IP stack, malware evolution and consequences of the Pwn2Own

Vulnerability WARNINGS and how long does it take to update?

One of the highlights of the week is the Pwn2Own competition. Participants have hacked many well-known applications. As for the rest of the news: as always, update your Cisco devices and Facebook, as usual, takes care of our privacy.Welcome to the post! Don't forget to check out Vulners team documentation reborn and write your feedback;) … Continue reading Vulnerability WARNINGS and how long does it take to update?

Top and unmentioned news of the last month, except for ProxyLogon

A frightening trend of exploits/PoCs for processor vulnerabilities found in 2018 began this month. The good news is that many companies did update their Exchange servers, but the authors of the malware don't think to stop and continue to automate exploitation of the vulnerabilities. Keep subscribing to new news from Vulners and stay on the … Continue reading Top and unmentioned news of the last month, except for ProxyLogon