Second Tuesday patch, another victim of the ransomware and a friendly reaction of CERT teams to counter Emotet

ICS attacks, little known to the general public, are perhaps the most devastating in terms of potential negative consequences. New Bluetooth vulnerability and cool malware news. Vulnerabilities: Not an interesting Microsoft patch (yet), ICS and Bluetooth; Tools: Traditionally; News: Malware activity and CERT alert; Research: Mainly for Windows enthusiasts. Feedback -> here Vulnerabilities Microsoft released another September security …

IOCs for you with Vulners

Everyone is constantly advised to use free and public feeds, without the possibility of using unique ones. Besides, many of them duplicate each other, and in most cases expertise costs money. But what if you want better results with a minimum of effort? This is exactly what we did. RST Threat Feed team shared their …

Monthly review without Microsoft, a lot of cool tools, Flipper project and new malware

More and more news about bypassing fixed vulnerabilities keeps appearing. And it's great! After all, it means that there are more people who care, and they continue to research the problems after they have been fixed. Vulnerabilities: Cisco and Apache are trying very hard to fix their vulnerabilities, but there are still too many…; Tools: All …

Zero-day for Apple (Safari), tools and malware news

Stealing local files via Safari, a few PoCs with exploits, a variety of malware and (mostly) blue team research. Vulnerabilities: Have you ever seen a digest without Microsoft? Tools: Mix of tools for the red and blue team; News: Mainly about malware and cats. Not everyone loves cats; Research: Useful for SOC analysts and DFIR. Feedback -> here Vulnerabilities CVE-2020-3952 …

Two zero-day vulnerabilities per week, update for popular tools and stories about ransomware

Two zero-day vulnerabilities per week from Microsoft, update for popular tools, stories about ransomware and blue team like red to fight with evil. Vulnerabilities: Microsoft patched a zero-day that was detected in the wild! Tools: Update for one of the most famous red team tools; News: Have you ever heard about a vulnerability in malware? Research: Elastic team released some cool …

Microsoft update with zero-days, few tools, Alexa hack and research

Traditionally, Microsoft is in the spotlight after its monthly update. Vulnerabilities: Microsoft patched a zero-day that was detected in the wild! Tools: Cool Zeek tool and others; News: Alexa hacked and Canon update (again); Research: You know what to do. Feedback -> here Vulnerabilities Microsoft released a monthly security update (every other Tuesday) that fixed 120 vulnerabilities, 17 of which received the …

Game changing plugin for your Splunk! Try out new!

The Vulners team has finally officially released its own Splunk plugin. Why do you need SIEM + scanner? When you only need to use one less product! Many modern companies use several vulnerability solutions with different consoles/interfaces/etc. Vulnerability scanners are an important part of the ongoing information security process. The Splunk plugin from Vulners will save your …

The two most important conferences of the year and new facebook tool

This week saw two significant events: Defcon and Black Hat 2020. Some of the materials from these conferences are in today's digest. Vulnerabilities: Cool material from Black Hat 2020 and Qualcomm vulnerabilities. Tools: New code analyzer from Facebook. News: Data leak and ransomware for Canon (like Garmin). Research: Mostly for the blue/purple teams. Feedback: …

Important updates for Cisco and Adobe products, attack on Garmin and Diebold Nixdorf

This week Cisco and Adobe released emergency updates for their products. The biggest news of the week is the attacks on Garmin and ATM maker Diebold Nixdorf. Feedback: https://forms.gle/D17BaFwD5hJnKkUUA Vulnerabilities Path traversal in Cisco's network security software CVE-2020-3452. A path traversal aims to access files and directories that are stored outside the web root folder. …