Emotet come back, vulnerable PyPi packets and APT activity

Fighting well-known malware is an endless activity. This fall is not the first case of infection of packages that are actively used in the development of various software. Have you tried the new GitHub exploit yet? Vulnerabilities: DNS spoofing, Netgear SOHO routers and malicious python packets;Tools: STACS, Kubernetes-Goat and Gotanda - coold extension;News: RedCurl and … Continue reading Emotet come back, vulnerable PyPi packets and APT activity

Vulners got all exploits from GitHub

Vulners released new robot to search exploits/PoC in open-source projects on the GitHub. Enrich your vulnerability systems with new data and set up new correlation. Maybe your previous vulnerabilities will turn out to be more critical with the new parameters? The feature is available to all Enterprise subscription users. You can start testing this feature … Continue reading Vulners got all exploits from GitHub

LAW ENFORCEMENT SUCCESS and One patch: bunch of vulnerabilities

Recently, the number of vulnerabilities that come out in a single patch and the frequency of updates have been going up a lot. On the one hand it is great that vendors fix vulnerabilities fast enough, but on the other hand it is frightening to see more of them. Stay on the latest with Vulners! … Continue reading LAW ENFORCEMENT SUCCESS and One patch: bunch of vulnerabilities

Vulnerability patches and news pack for those who rarely update their software

Several packs of vulnerabilities from the most important buckets with zero-day vulnerabilities. Many of them are already being exploited in the wild. The news section shows the consequences of not installing important updates on time. If your software is in this digest - update it urgently. Vulnerabilities: Microsoft patch, Google 10th zero-day, Apple patch;Tools: DNSTake, … Continue reading Vulnerability patches and news pack for those who rarely update their software

Build exploits for zero-days and try to test their Confluence

Over the past week, the main zero-day vulnerabilities with unreleased patches from Microsoft, which, as usual, very quickly began to be exploited in the wild. And a couple of demonstrative news about why it is worth fixing vulnerabilities in your networks as quickly as possible. Vulnerabilities: Microsoft unpatched fail with exploit/PoC, Netgear devices, Android and … Continue reading Build exploits for zero-days and try to test their Confluence