ransomware – Vulners Blog

Several vendor’s emergency patches, Kubernetes alarms and others

Posted on June 14, 2021 by Dmitry Uchakin

The second week of the month traditionally increases the amount of work for IT services in companies. Lots of zero-day vulnerabilities from several major vendors. Also, malware news. After all, not every day attackers use Kubernetes for mining. Read more about other threats Vulnerabilities: Microsoft, Intel and Chrome with tons of patches + critical for … Continue reading Several vendor’s emergency patches, Kubernetes alarms and others →

Only critical vulnerabilities of the week and the newest attacks

Posted on May 31, 2021 by Dmitry Uchakin

Too many updates from the same vendors come out every month. Either the developers make more mistakes in the development process, or security researchers have begun to actively improve their own competencies. For example, Apple releases updates almost every week. As follows from the news section, attackers regularly use such vulnerabilities in their attacks. Why … Continue reading Only critical vulnerabilities of the week and the newest attacks →

Too many vulnerabilities on one Tuesday from 2 vendors, not to mention zero-days

Posted on May 17, 2021 by Dmitry Uchakin

Almost every week there is a new vulnerability pack with a new name, this time it's Frag Attacks (wi-fi). Another Microsoft patch has been released - there will be exploits soon. Also, a huge number of Adobe design and office products have been patched. Attackers through ransomware are becoming more and more vicious, for example, … Continue reading Too many vulnerabilities on one Tuesday from 2 vendors, not to mention zero-days →

More malware with new vulnerabilities in the wild in the monthly digest

Posted on May 3, 2021 by Dmitry Uchakin

In the last month, almost every week we wrote about new zero-day vulnerabilities, soon Apple and Chrome are updating almost every day + their vulnerabilities are exploited in the wild. We usually don't write so much about malware, but this month there is too much of it and it is closely related to critical vulnerabilities, … Continue reading More malware with new vulnerabilities in the wild in the monthly digest →

Typical zero-days and new malware features, what else is required?

Posted on April 26, 2021 by Dmitry Uchakin

All of the vulnerabilities mentioned in the post are critical, some of them zero-day vulnerabilities that need to be urgently updated in their own products. For the second week, our news consists of malwares that are hijacking new targets (like Apple contractor) and actively evacuating. Vulnerabilities: zero-day in PulseSecure, SonicWall and Chrome, but some of … Continue reading Typical zero-days and new malware features, what else is required? →

Top and unmentioned news of the last month, except for ProxyLogon

Posted on April 5, 2021 by Dmitry Uchakin

A frightening trend of exploits/PoCs for processor vulnerabilities found in 2018 began this month. The good news is that many companies did update their Exchange servers, but the authors of the malware don't think to stop and continue to automate exploitation of the vulnerabilities. Keep subscribing to new news from Vulners and stay on the … Continue reading Top and unmentioned news of the last month, except for ProxyLogon →

Ransomware for your Exchange and mobile vulnerabilities 👾

Posted on March 29, 2021 by Dmitry Uchakin

The topics of email vulnerabilities continue, with more and more sophisticated vulnerabilities being exploited in attacks. Notably, new botnets/malware are automating the exploitation of the newest vulnerabilities by transforming them into worm-like weapon. Ransomware is again breaking the record for the amount of money demanded ("We need more gold!")! Vulnerabilities: rare Android vulnerability in the … Continue reading Ransomware for your Exchange and mobile vulnerabilities 👾 →

Too burning/hot weekly digest 🔥

Posted on March 15, 2021March 28, 2021 by Dmitry Uchakin

Upgrade your Exchange servers, now! Some attackers/pentesters/red teamers/researchers have already converted Proxylogon PoCs into first versions of RCEs to exploit these vulnerabilities.Microsoft has released another big and important update this week. Apart from that, there were many small but important updates with zero-day vulnerabilities. + There were various attacks, malware, and data centers burning. Vulnerabilities: … Continue reading Too burning/hot weekly digest 🔥 →

Huge patches from vendors, Vulners news and hot Android malware

Posted on March 1, 2021 by Dmitry Uchakin

There has been a lot of news about Apple and Android this month, as the first malware for the Apple M1 has started to appear and malware developers are not wasting time. Cisco also released a big update package for their devices, and SonicWall is not fixing its problems. A little bit about what's new … Continue reading Huge patches from vendors, Vulners news and hot Android malware →

Сouple of massive updates, several f**k-ups with loud vulnerabilities and attacks

Posted on February 15, 2021February 15, 2021 by Dmitry Uchakin

Several high-profile vulnerabilities in Windows and Apple were fixed this week. Epic confusion/substitution attacks and an interesting vulnerability with secret chats in Telegram. We've picked up the top news from the past week. Vulnerabilities: releases from Microsoft and Apple + Telegram vulnerabilities;Tools: Adversary testing;News: Hacker poisoned water in an American city, amazing research, bad luck … Continue reading Сouple of massive updates, several f**k-ups with loud vulnerabilities and attacks →