Microsoft patch, zero-days and few attacks

The highlight of the past week is Microsoft's monthly patch. Also, take a look at the new miners for docker and malware for macOS. Vulnerabilities: Miscrorosft patch, BusyBox and Palo Alto;Tools: EXOCET, Abaddon, holehe;News: Docker miners, Robinhood compromised and attack for macOS users;Research: useful articles, cheat sheets and etc. Vulners docs Vulnerabilities Microsoft PatchTuesday Microsoft … Continue reading Microsoft patch, zero-days and few attacks

Microsoft Monthly Patch, exploit competition and attacks

The second Tuesday of each month traditionally pleases the user with a Microsoft update. The annual Tianfu Cup was also held in which researchers demonstrate zero-day vulnerabilities with exploits for them. And the final stage of our digest is the most recent attacks. Vulnerabilities: Microsoft weekly patch, emergency for Apple and Tianfu Cup;Tools: ThreatMapper, EDRHunt … Continue reading Microsoft Monthly Patch, exploit competition and attacks

Keep in save your devices, patch critical systems and stay on the latest

Apparently this month there is a boom in vulnerabilities in various devices. Ransomware continues to be active, improving encryption methods and introducing new techniques in attacks. But even the largest vendors are determined, after all, it's not for nothing that they miss the pack of startups in recent months. Vulnerabilities: Gaming devices, Apple exploit, TOP … Continue reading Keep in save your devices, patch critical systems and stay on the latest

Second Tuesday patches and several attacks in weekly news

The week of the second Tuesday of the month always sees a lot of important updates from various vendors. It's been a long time since our news section was bigger than Vulnerabilities. In the Research section you will traditionally find the most useful stuff that the author couldn't pass by. Content: Vulnerabilities: Microsoft patch and … Continue reading Second Tuesday patches and several attacks in weekly news

Underestimated news of the month in one review + new Vulners service

The Vulners team presented a new service Vulners scanner for WordPress (plugin) this month. Everyone who signs up before the end of August will receive a free lifetime license of the Vulners API for WordPress Vulners plugin! And according to tradition - every first Monday of the month publishes a monthly digest on events in … Continue reading Underestimated news of the month in one review + new Vulners service

Old vulnerabilities in new format (unfixable)

There was not much news this week, but all the important ones are in our digest. A couple of updates for the Linux kernel and an old-new vulnerability from Microsoft that has been around for several years. In addition, a little about malware and good news for the victims of REvil. Vulnerabilities: unfixable Microsoft bug, … Continue reading Old vulnerabilities in new format (unfixable)

Weekly Digest: How many patches does it take to fix one vulnerability? And for more?

Microsoft has made several attempts since June, but the author of the mimikatz continues to bypass all the patches. Likewise, other vendors have tried to close a bunch of zero-day vulnerabilities, so you can protect yourself (or not) from ransomware.Even though the most dangerous of ransomware gangs are out, most of them continue to evolve … Continue reading Weekly Digest: How many patches does it take to fix one vulnerability? And for more?

Monthly red digest with red vulnerabilities and incidents

Microsoft is the headliner of the outgoing month. Too many too critical vulnerabilities in the last month. Also, other vendors with zero-day and 1-click vulnerabilities are worth noting. In addition to vulnerabilities, there were several high-profile hacks and news about ransomware + some APT for our monthly digest. Vulnerabilities: Microsoft, IOT, Nvidia, Atlassian, Western Digital … Continue reading Monthly red digest with red vulnerabilities and incidents

Several vendor’s emergency patches, Kubernetes alarms and others

The second week of the month traditionally increases the amount of work for IT services in companies. Lots of zero-day vulnerabilities from several major vendors. Also, malware news. After all, not every day attackers use Kubernetes for mining. Read more about other threats Vulnerabilities: Microsoft, Intel and Chrome with tons of patches + critical for … Continue reading Several vendor’s emergency patches, Kubernetes alarms and others

Too many vulnerabilities on one Tuesday from 2 vendors, not to mention zero-days

Almost every week there is a new vulnerability pack with a new name, this time it's Frag Attacks (wi-fi). Another Microsoft patch has been released - there will be exploits soon. Also, a huge number of Adobe design and office products have been patched. Attackers through ransomware are becoming more and more vicious, for example, … Continue reading Too many vulnerabilities on one Tuesday from 2 vendors, not to mention zero-days