Author: Dmitry Uchakin
Spring vulnerabilities – Log4j flashbacks
Post is about the latest vulnerabilities in Spring framework, without boring details, only facts and what you need to know about these vulnerabilities. (links to detailed info in the post) […]
Easy way to privilege escalation in any Linux via pkexec 🔥🔥🔥
CVE-2021-4034: pwnkit: Local Privilege Escalation in polkit’s pkexec for almost any Linux system. Vulnerability == Bug. The first bug commit appeared in May 2009. Qualys researchers reported this vulnerability exploitation […]
Project zero on the move, vulnerabilities in theWild and Nginx malware
Mostly an ordinary week with critical vulnerabilities in ZOOM, Zoho and Mazilla, but Google Project Zero on the move. Also, a couple of cool malware. Vulnerabilities: Mozilla NSS, ZOOM and […]
Continuous patching Microsoft, tons of zero-days for one month and other “mistakes”
Month of non-stop Microsoft fixes and even if you install everything, you still remain vulnerable (PrintNightmare is a real nightmare). There were also many zero-days that everyone was so used […]
Emotet come back, vulnerable PyPi packets and APT activity
Fighting well-known malware is an endless activity. This fall is not the first case of infection of packages that are actively used in the development of various software. Have you […]
Vulners got all exploits from GitHub
Vulners released new robot to search exploits/PoC in open-source projects on the GitHub. Enrich your vulnerability systems with new data and set up new correlation. Maybe your previous vulnerabilities will […]
Microsoft patch, zero-days and few attacks
The highlight of the past week is Microsoft’s monthly patch. Also, take a look at the new miners for docker and malware for macOS. Vulnerabilities: Miscrorosft patch, BusyBox and Palo […]
Several critical vulnerabilities, $$$ for hacker info and new attack vectors
There hasn’t been much news over the past week, but we’ve collected the brightest. Several critical vulnerabilities and a couple of news. Noteworthy – updates of cool tools like impacket, […]
Lucky month for law enforcement, patching vulnerabilities and fighting malware
There is a lot of news this month about large-scale investigations by law enforcement agencies and other good guys. The release of decryptors undermines the ransomware business and is an […]
Couple huge patches, hackers, update for Vulners interface and other news
Check out the updated Vulners interface! Argentina shows about every few months why information security is important. For example, this month the passports of all residents of the country appeared […]