Another day (week/month) -> another 0-day

Read about all the most important vulnerabilities in our digests and reviews. Update this month we have expanded the section with the Research, today it contains more research articles, analysis of new malware and attacks. Note that a button has been added for Tools to directly download utilities. Vulnerabilities: SonicWall, few zero-days for Chrome, 0-days … Continue reading Another day (week/month) -> another 0-day

Weekly Digest: How many patches does it take to fix one vulnerability? And for more?

Microsoft has made several attempts since June, but the author of the mimikatz continues to bypass all the patches. Likewise, other vendors have tried to close a bunch of zero-day vulnerabilities, so you can protect yourself (or not) from ransomware.Even though the most dangerous of ransomware gangs are out, most of them continue to evolve … Continue reading Weekly Digest: How many patches does it take to fix one vulnerability? And for more?

Lots of ransomware with couple vulnerabilities

This week there was a lot of news related to ransomware, including the closure of Binance cryptocurrency exchanges in many countries due to money laundering. Not all vendors can fix vulnerabilities the first time, which is one way zero-day vulnerabilities appear. Vulnerabilities: Pling application store, tons of vulnerabilities from Nvidia and unpatched SonicWall;Tools: SSH bruteforcer … Continue reading Lots of ransomware with couple vulnerabilities

More malware with new vulnerabilities in the wild in the monthly digest

In the last month, almost every week we wrote about new zero-day vulnerabilities, soon Apple and Chrome are updating almost every day + their vulnerabilities are exploited in the wild. We usually don't write so much about malware, but this month there is too much of it and it is closely related to critical vulnerabilities, … Continue reading More malware with new vulnerabilities in the wild in the monthly digest

Typical zero-days and new malware features, what else is required?

All of the vulnerabilities mentioned in the post are critical, some of them zero-day vulnerabilities that need to be urgently updated in their own products. For the second week, our news consists of malwares that are hijacking new targets (like Apple contractor) and actively evacuating. Vulnerabilities: zero-day in PulseSecure, SonicWall and Chrome, but some of … Continue reading Typical zero-days and new malware features, what else is required?

New robot from Vulners, strong vulnerabilities and new malicious activity.

Google Chrome is updated every week with new vulnerabilities/malicious extensions/zero-day and other stuff, which is why it needs to be updated regularly, just like other important software. Also this week, a sequel to the SonicWall story came out. Google launched a cool new vulnerability service OSV, which the Vulners team immediately automated it - "Stay … Continue reading New robot from Vulners, strong vulnerabilities and new malicious activity.

Several critical updates, evil malware and security research

Collected the coolest news about Apple, Cisco, zero-day and some company hacked via vulnerability in their products (lol). There are not so many cool news, but we were able to collect the most interesting ones about Whatsup, another war with the Emotet malware, a new version of NAT slipstreaming. Next month we will tell you … Continue reading Several critical updates, evil malware and security research