One of the highlights of the week is the Pwn2Own competition. Participants have hacked many well-known applications. As for the rest of the news: as always, update your Cisco devices and Facebook, as usual, takes care of our privacy.Welcome to the post! Don't forget to check out Vulners team documentation reborn and write your feedback;) … Continue reading Vulnerability WARNINGS and how long does it take to update?
A frightening trend of exploits/PoCs for processor vulnerabilities found in 2018 began this month. The good news is that many companies did update their Exchange servers, but the authors of the malware don't think to stop and continue to automate exploitation of the vulnerabilities. Keep subscribing to new news from Vulners and stay on the … Continue reading Top and unmentioned news of the last month, except for ProxyLogon
The topics of email vulnerabilities continue, with more and more sophisticated vulnerabilities being exploited in attacks. Notably, new botnets/malware are automating the exploitation of the newest vulnerabilities by transforming them into worm-like weapon. Ransomware is again breaking the record for the amount of money demanded ("We need more gold!")! Vulnerabilities: rare Android vulnerability in the … Continue reading Ransomware for your Exchange and mobile vulnerabilities 👾
According by the new botnets and ransomware, malware creators are increasingly trying to automate the exploitation of new vulnerabilities (like ProxyLogon or others). And at the same time, Microsoft continues to try to fix / detect / somehow help vulnerable mail Exchange servers. 15 Years Linux Kernel Subsystem Vulnerabilities and Specter vulnerability PoC code - … Continue reading Spectre exploit, tons of malware and a lot of updates in one digest
Upgrade your Exchange servers, now! Some attackers/pentesters/red teamers/researchers have already converted Proxylogon PoCs into first versions of RCEs to exploit these vulnerabilities.Microsoft has released another big and important update this week. Apart from that, there were many small but important updates with zero-day vulnerabilities. + There were various attacks, malware, and data centers burning. Vulnerabilities: … Continue reading Too burning/hot weekly digest 🔥
This week is full of news about zero-day vulnerabilities, attacks using them. There were also hacks, talk about data breaches? When an emergency update comes out, you better apply it, because you might already be attacked. Vulnerabilities: Exploit for Spectre + Meltdown, your exchange has been hacked and install the latest updates for Chrome!;Tools: mostly … Continue reading Zero-day: the main topic of this weekly digest
There has been a lot of news about Apple and Android this month, as the first malware for the Apple M1 has started to appear and malware developers are not wasting time. Cisco also released a big update package for their devices, and SonicWall is not fixing its problems. A little bit about what's new … Continue reading Huge patches from vendors, Vulners news and hot Android malware
This week, the first computer malware was discovered on the Apple M1, whose creators are quick to adapt. Mobile app developers take their time to update them for their products and zero-day often takes too long to fix. We collected all the main most interesting news of the week with Apple and quite a bit … Continue reading Apple weekly digest with mobile apps
Several high-profile vulnerabilities in Windows and Apple were fixed this week. Epic confusion/substitution attacks and an interesting vulnerability with secret chats in Telegram. We've picked up the top news from the past week. Vulnerabilities: releases from Microsoft and Apple + Telegram vulnerabilities;Tools: Adversary testing;News: Hacker poisoned water in an American city, amazing research, bad luck … Continue reading Сouple of massive updates, several f**k-ups with loud vulnerabilities and attacks
Google Chrome is updated every week with new vulnerabilities/malicious extensions/zero-day and other stuff, which is why it needs to be updated regularly, just like other important software. Also this week, a sequel to the SonicWall story came out. Google launched a cool new vulnerability service OSV, which the Vulners team immediately automated it - "Stay … Continue reading New robot from Vulners, strong vulnerabilities and new malicious activity.