This week Apple and Google fixed zero-day vulnerabilities. More information about APTs and ransomware. All this proves once again that vulnerability management process in information security is just as important as the others. Vulnerabilities: Few zero-days from Chrome and Apple, cool Instagram bug and do you use paint?Tools: Event killer, aim to shellcoders, Rustcat (like … Continue reading Weekly/daily zero-days and ransomware news
In the last month, almost every week we wrote about new zero-day vulnerabilities, soon Apple and Chrome are updating almost every day + their vulnerabilities are exploited in the wild. We usually don't write so much about malware, but this month there is too much of it and it is closely related to critical vulnerabilities, … Continue reading More malware with new vulnerabilities in the wild in the monthly digest
In addition to the monthly update from Microsoft, a new set of critical vulnerabilities in the TCP/IP stack appeared this week. Also, some researchers are publishing exploits from Pwn2Own competitions. Not much bright news, but we've gathered the most significant and useful ones! Vulnerabilities: Microsoft monthly patch, pack of critical vulnerabilities in TCP/IP stack, regular … Continue reading New pack of vulnerabilities in TCP/IP stack, malware evolution and consequences of the Pwn2Own
This week is full of news about zero-day vulnerabilities, attacks using them. There were also hacks, talk about data breaches? When an emergency update comes out, you better apply it, because you might already be attacked. Vulnerabilities: Exploit for Spectre + Meltdown, your exchange has been hacked and install the latest updates for Chrome!;Tools: mostly … Continue reading Zero-day: the main topic of this weekly digest
This week, the first computer malware was discovered on the Apple M1, whose creators are quick to adapt. Mobile app developers take their time to update them for their products and zero-day often takes too long to fix. We collected all the main most interesting news of the week with Apple and quite a bit … Continue reading Apple weekly digest with mobile apps
Google Chrome is updated every week with new vulnerabilities/malicious extensions/zero-day and other stuff, which is why it needs to be updated regularly, just like other important software. Also this week, a sequel to the SonicWall story came out. Google launched a cool new vulnerability service OSV, which the Vulners team immediately automated it - "Stay … Continue reading New robot from Vulners, strong vulnerabilities and new malicious activity.
Collected the coolest news about Apple, Cisco, zero-day and some company hacked via vulnerability in their products (lol). There are not so many cool news, but we were able to collect the most interesting ones about Whatsup, another war with the Emotet malware, a new version of NAT slipstreaming. Next month we will tell you … Continue reading Several critical updates, evil malware and security research
There is one or more zero-day in each vulnerability section. Intel takes care of the threat from ransomware, the attacker gained access to Microsoft accounts, and, as usual, a little bit about the most interesting new malware with the highest impact. Vulnerabilities: Mostly zero-days;Tools: Outlook research + new tool, OSINT, web testing and defense evasion;News: … Continue reading Lots of zero-day vulnerabilities, and how’s your start of the year?
Microsoft is surprised that they do not fix vulnerability zero with the existing PoC and there has been an exploit for the previous version of the bug for a long time. It is useless to post information about the SolarWinds hack, because there are too many of them and new facts (vulnerabilities) keep appearing. In … Continue reading Available Microsoft 0-day , new SolarWinds vulnerability and others
There are many zero-day vulnerabilities this month that were only recently patched. Most helpful tools and news. We also decided to add a section on what's new for Vulners this month. Vulners events: Our strongest vulnerability database, which is convenient to work with, is regularly updated and gets better;Vulnerabilities: Google is updating its zero-days non-stop, … Continue reading Zero-Day Vulnerability Month, new Vulners events and malware