Cisco stories, ICS and Apple features

Apple recently released its new OS Bg Sur and immediately started fixing vulnerabilities. Also, undocumented features were found in new platform. Cisco is fixing vulnerabilities in its products strangely. Pair of funny tools and a couple of interesting stories in news section. Vulnerabilities: Cisco story, "bugs" in messagers and ICS;Tools: Bloodhound continues to be updated, … Continue reading Cisco stories, ICS and Apple features

Zero-Day Vulnerability Month, new Vulners events and malware

There are many zero-day vulnerabilities this month that were only recently patched. Most helpful tools and news. We also decided to add a section on what's new for Vulners this month. Vulners events: Our strongest vulnerability database, which is convenient to work with, is regularly updated and gets better;Vulnerabilities: Google is updating its zero-days non-stop, … Continue reading Zero-Day Vulnerability Month, new Vulners events and malware

Vulners updated ElasticSearch 7.10 – what changes for you?

It's over! We updated our Elasticsearch from version 6.8 to 7.10! The latest version of ElasticSearch appeared on 11.11! We use elastic stack in our service + several other technologies. We also try to keep the concept of "stay on latest" and constantly get better. For us, there are several main advantages of updating to … Continue reading Vulners updated ElasticSearch 7.10 – what changes for you?

Digest with vulnerabilities, emergency updates and attack subjects

Zero-day vulnerabilities are not diminishing, and those that are already actively used in attacking actions. Quick release update - great! A lot of updates is not great! Vulnerabilities: Apple critical update, zero-day from Google, FireEye reports and etc;Tools: Promising tools that surprise with their growth;News: Twitter bot, some attacks and hacker cup;Research: Useful staff for … Continue reading Digest with vulnerabilities, emergency updates and attack subjects

Most critical vulnerabilities, next ransomware and PRE-ATT&CK

What could be more dangerous than a zero-day vulnerability that has been made public and has not yet been fixed? This is what google projecy zero did by publishing zero-day in windows before the patch. The attempts to exploit Oracle weblogic in the wild also started. But as statistics show, not everyone is in a … Continue reading Most critical vulnerabilities, next ransomware and PRE-ATT&CK