Emotet come back, vulnerable PyPi packets and APT activity

Fighting well-known malware is an endless activity. This fall is not the first case of infection of packages that are actively used in the development of various software. Have you tried the new GitHub exploit yet? Vulnerabilities: DNS spoofing, Netgear SOHO routers and malicious python packets;Tools: STACS, Kubernetes-Goat and Gotanda - coold extension;News: RedCurl and … Continue reading Emotet come back, vulnerable PyPi packets and APT activity

Vulners got all exploits from GitHub

Vulners released new robot to search exploits/PoC in open-source projects on the GitHub. Enrich your vulnerability systems with new data and set up new correlation. Maybe your previous vulnerabilities will turn out to be more critical with the new parameters? The feature is available to all Enterprise subscription users. You can start testing this feature … Continue reading Vulners got all exploits from GitHub

Microsoft patch, zero-days and few attacks

The highlight of the past week is Microsoft's monthly patch. Also, take a look at the new miners for docker and malware for macOS. Vulnerabilities: Miscrorosft patch, BusyBox and Palo Alto;Tools: EXOCET, Abaddon, holehe;News: Docker miners, Robinhood compromised and attack for macOS users;Research: useful articles, cheat sheets and etc. Vulners docs Vulnerabilities Microsoft PatchTuesday Microsoft … Continue reading Microsoft patch, zero-days and few attacks

Several critical vulnerabilities, $$$ for hacker info and new attack vectors

There hasn't been much news over the past week, but we've collected the brightest. Several critical vulnerabilities and a couple of news. Noteworthy - updates of cool tools like impacket, APT-hunter and in the research section of the toolset APT groups. Vulnerabilities: GitHub exploit in the wild, Android patch and Linux kernel;Tools: APT-Hunter V2.0 release, … Continue reading Several critical vulnerabilities, $$$ for hacker info and new attack vectors

Lucky month for law enforcement, patching vulnerabilities and fighting malware

There is a lot of news this month about large-scale investigations by law enforcement agencies and other good guys. The release of decryptors undermines the ransomware business and is an effective way to combat them. Also, as usual, there were packs of updates/fixes from major vendors. Did you check out the new search in the … Continue reading Lucky month for law enforcement, patching vulnerabilities and fighting malware

Couple huge patches, hackers, update for Vulners interface and other news

Check out the updated Vulners interface! Argentina shows about every few months why information security is important. For example, this month the passports of all residents of the country appeared on the network. There were also important updates for Oracle products and a fix for vulnerabilities in Google browsers. You can always contact with us … Continue reading Couple huge patches, hackers, update for Vulners interface and other news

Microsoft Monthly Patch, exploit competition and attacks

The second Tuesday of each month traditionally pleases the user with a Microsoft update. The annual Tianfu Cup was also held in which researchers demonstrate zero-day vulnerabilities with exploits for them. And the final stage of our digest is the most recent attacks. Vulnerabilities: Microsoft weekly patch, emergency for Apple and Tianfu Cup;Tools: ThreatMapper, EDRHunt … Continue reading Microsoft Monthly Patch, exploit competition and attacks

Open-source Twitter, weekly google patches and other fails

Twitter has become an open source project this week. Check out the cool research from ESET and Kaspersky teams. A typical week in information security. Vulners is helping thousands of users stay away from Twitter this week. Don't be like heroes from our news, install patches and keep an eye on security. Vulnerabilities: Apache, Honeywell … Continue reading Open-source Twitter, weekly google patches and other fails

Another day (week/month) -> another 0-day

Read about all the most important vulnerabilities in our digests and reviews. Update this month we have expanded the section with the Research, today it contains more research articles, analysis of new malware and attacks. Note that a button has been added for Tools to directly download utilities. Vulnerabilities: SonicWall, few zero-days for Chrome, 0-days … Continue reading Another day (week/month) -> another 0-day

LAW ENFORCEMENT SUCCESS and One patch: bunch of vulnerabilities

Recently, the number of vulnerabilities that come out in a single patch and the frequency of updates have been going up a lot. On the one hand it is great that vendors fix vulnerabilities fast enough, but on the other hand it is frightening to see more of them. Stay on the latest with Vulners! … Continue reading LAW ENFORCEMENT SUCCESS and One patch: bunch of vulnerabilities