Apple – Vulners Blog

Only critical vulnerabilities of the week and the newest attacks

Posted on May 31, 2021 by Dmitry Uchakin

Too many updates from the same vendors come out every month. Either the developers make more mistakes in the development process, or security researchers have begun to actively improve their own competencies. For example, Apple releases updates almost every week. As follows from the news section, attackers regularly use such vulnerabilities in their attacks. Why … Continue reading Only critical vulnerabilities of the week and the newest attacks →

New vulnerable pack, undetectable malware and MITRE 3 round tests

Posted on May 10, 2021 by Dmitry Uchakin

Another urgent update has appeared for apple products. However, 21 vulnerabilities in Exim mail servers were recognized as the leader of the past week. Recently, our news section consists of the most interesting malware, but how else? Also, don't forget to check the research section, there are some materials on the latest MITER test. Vulnerabilities: … Continue reading New vulnerable pack, undetectable malware and MITRE 3 round tests →

More malware with new vulnerabilities in the wild in the monthly digest

Posted on May 3, 2021 by Dmitry Uchakin

In the last month, almost every week we wrote about new zero-day vulnerabilities, soon Apple and Chrome are updating almost every day + their vulnerabilities are exploited in the wild. We usually don't write so much about malware, but this month there is too much of it and it is closely related to critical vulnerabilities, … Continue reading More malware with new vulnerabilities in the wild in the monthly digest →

Typical zero-days and new malware features, what else is required?

Posted on April 26, 2021 by Dmitry Uchakin

All of the vulnerabilities mentioned in the post are critical, some of them zero-day vulnerabilities that need to be urgently updated in their own products. For the second week, our news consists of malwares that are hijacking new targets (like Apple contractor) and actively evacuating. Vulnerabilities: zero-day in PulseSecure, SonicWall and Chrome, but some of … Continue reading Typical zero-days and new malware features, what else is required? →

Ransomware for your Exchange and mobile vulnerabilities 👾

Posted on March 29, 2021 by Dmitry Uchakin

The topics of email vulnerabilities continue, with more and more sophisticated vulnerabilities being exploited in attacks. Notably, new botnets/malware are automating the exploitation of the newest vulnerabilities by transforming them into worm-like weapon. Ransomware is again breaking the record for the amount of money demanded ("We need more gold!")! Vulnerabilities: rare Android vulnerability in the … Continue reading Ransomware for your Exchange and mobile vulnerabilities 👾 →

Too burning/hot weekly digest 🔥

Posted on March 15, 2021March 28, 2021 by Dmitry Uchakin

Upgrade your Exchange servers, now! Some attackers/pentesters/red teamers/researchers have already converted Proxylogon PoCs into first versions of RCEs to exploit these vulnerabilities.Microsoft has released another big and important update this week. Apart from that, there were many small but important updates with zero-day vulnerabilities. + There were various attacks, malware, and data centers burning. Vulnerabilities: … Continue reading Too burning/hot weekly digest 🔥 →

Apple weekly digest with mobile apps

Posted on February 22, 2021 by Dmitry Uchakin

This week, the first computer malware was discovered on the Apple M1, whose creators are quick to adapt. Mobile app developers take their time to update them for their products and zero-day often takes too long to fix. We collected all the main most interesting news of the week with Apple and quite a bit … Continue reading Apple weekly digest with mobile apps →

Сouple of massive updates, several f**k-ups with loud vulnerabilities and attacks

Posted on February 15, 2021February 15, 2021 by Dmitry Uchakin

Several high-profile vulnerabilities in Windows and Apple were fixed this week. Epic confusion/substitution attacks and an interesting vulnerability with secret chats in Telegram. We've picked up the top news from the past week. Vulnerabilities: releases from Microsoft and Apple + Telegram vulnerabilities;Tools: Adversary testing;News: Hacker poisoned water in an American city, amazing research, bad luck … Continue reading Сouple of massive updates, several f**k-ups with loud vulnerabilities and attacks →

Several critical updates, evil malware and security research

Posted on February 1, 2021March 24, 2021 by Dmitry Uchakin

Collected the coolest news about Apple, Cisco, zero-day and some company hacked via vulnerability in their products (lol). There are not so many cool news, but we were able to collect the most interesting ones about Whatsup, another war with the Emotet malware, a new version of NAT slipstreaming. Next month we will tell you … Continue reading Several critical updates, evil malware and security research →

Monthly digest not just about FireEye and SolarWinds hacks

Posted on December 21, 2020 by Dmitry Uchakin

The last monthly digest this year turned out to be intense and interesting. There was a lot of news about various hacks and attacks, new methods of attacks were invented and new malware was discovered. Bottom line of this month: supply chain attacks exist and the secure Security Development Lifecycle is VERY IMPORTANT! Vulnerabilities: Apple … Continue reading Monthly digest not just about FireEye and SolarWinds hacks →