Vulners Blog

Vulnerability patches and news pack for those who rarely update their software

Posted on September 20, 2021September 20, 2021 by Dmitry Uchakin

Several packs of vulnerabilities from the most important buckets with zero-day vulnerabilities. Many of them are already being exploited in the wild. The news section shows the consequences of not installing important updates on time. If your software is in this digest - update it urgently. Vulnerabilities: Microsoft patch, Google 10th zero-day, Apple patch;Tools: DNSTake, … Continue reading Vulnerability patches and news pack for those who rarely update their software →

Underestimated news of the month in one review + new Vulners service

Posted on August 2, 2021August 9, 2021 by Dmitry Uchakin

The Vulners team presented a new service Vulners scanner for WordPress (plugin) this month. Everyone who signs up before the end of August will receive a free lifetime license of the Vulners API for WordPress Vulners plugin! And according to tradition - every first Monday of the month publishes a monthly digest on events in … Continue reading Underestimated news of the month in one review + new Vulners service →

Weekly/daily zero-days and ransomware news

Posted on June 21, 2021June 21, 2021 by Dmitry Uchakin

This week Apple and Google fixed zero-day vulnerabilities. More information about APTs and ransomware. All this proves once again that vulnerability management process in information security is just as important as the others. Vulnerabilities: Few zero-days from Chrome and Apple, cool Instagram bug and do you use paint?Tools: Event killer, aim to shellcoders, Rustcat (like … Continue reading Weekly/daily zero-days and ransomware news →

Only critical vulnerabilities of the week and the newest attacks

Posted on May 31, 2021 by Dmitry Uchakin

Too many updates from the same vendors come out every month. Either the developers make more mistakes in the development process, or security researchers have begun to actively improve their own competencies. For example, Apple releases updates almost every week. As follows from the news section, attackers regularly use such vulnerabilities in their attacks. Why … Continue reading Only critical vulnerabilities of the week and the newest attacks →

New vulnerable pack, undetectable malware and MITRE 3 round tests

Posted on May 10, 2021 by Dmitry Uchakin

Another urgent update has appeared for apple products. However, 21 vulnerabilities in Exim mail servers were recognized as the leader of the past week. Recently, our news section consists of the most interesting malware, but how else? Also, don't forget to check the research section, there are some materials on the latest MITER test. Vulnerabilities: … Continue reading New vulnerable pack, undetectable malware and MITRE 3 round tests →

More malware with new vulnerabilities in the wild in the monthly digest

Posted on May 3, 2021 by Dmitry Uchakin

In the last month, almost every week we wrote about new zero-day vulnerabilities, soon Apple and Chrome are updating almost every day + their vulnerabilities are exploited in the wild. We usually don't write so much about malware, but this month there is too much of it and it is closely related to critical vulnerabilities, … Continue reading More malware with new vulnerabilities in the wild in the monthly digest →

Typical zero-days and new malware features, what else is required?

Posted on April 26, 2021 by Dmitry Uchakin

All of the vulnerabilities mentioned in the post are critical, some of them zero-day vulnerabilities that need to be urgently updated in their own products. For the second week, our news consists of malwares that are hijacking new targets (like Apple contractor) and actively evacuating. Vulnerabilities: zero-day in PulseSecure, SonicWall and Chrome, but some of … Continue reading Typical zero-days and new malware features, what else is required? →

Ransomware for your Exchange and mobile vulnerabilities 👾

Posted on March 29, 2021 by Dmitry Uchakin

The topics of email vulnerabilities continue, with more and more sophisticated vulnerabilities being exploited in attacks. Notably, new botnets/malware are automating the exploitation of the newest vulnerabilities by transforming them into worm-like weapon. Ransomware is again breaking the record for the amount of money demanded ("We need more gold!")! Vulnerabilities: rare Android vulnerability in the … Continue reading Ransomware for your Exchange and mobile vulnerabilities 👾 →

Too burning/hot weekly digest 🔥

Posted on March 15, 2021March 28, 2021 by Dmitry Uchakin

Upgrade your Exchange servers, now! Some attackers/pentesters/red teamers/researchers have already converted Proxylogon PoCs into first versions of RCEs to exploit these vulnerabilities.Microsoft has released another big and important update this week. Apart from that, there were many small but important updates with zero-day vulnerabilities. + There were various attacks, malware, and data centers burning. Vulnerabilities: … Continue reading Too burning/hot weekly digest 🔥 →

Apple weekly digest with mobile apps

Posted on February 22, 2021 by Dmitry Uchakin

This week, the first computer malware was discovered on the Apple M1, whose creators are quick to adapt. Mobile app developers take their time to update them for their products and zero-day often takes too long to fix. We collected all the main most interesting news of the week with Apple and quite a bit … Continue reading Apple weekly digest with mobile apps →