Second Tuesday patch, another victim of the ransomware and a friendly reaction of CERT teams to counter Emotet

ICS attacks, little known to the general public, are perhaps the most devastating in terms of potential negative consequences. New Bluetooth vulnerability and cool malware news. Vulnerabilities: Not an interesting microsoft patch (yet), ICS and bluetooth;Tools: Traditionally;News: Malware activity and CERT alert;Research: Mainly for Windows enthusiasts. Feedback -> here Vulnerabilities Microsoft released another September security … Continue reading Second Tuesday patch, another victim of the ransomware and a friendly reaction of CERT teams to counter Emotet

Microsoft update with zero-days, few tools, Alexa hack and research

Traditionally, Microsoft in the spotlight after monthly update Vulnerabilities: Microsoft patched zero-day which detected in the wild!Tools: Cool zeek tool and othersNews: Alexa hacked and Canon update (again)Research: You know what to do Feedback -> here Vulnerabilities Microsoft released a monthly security update (every other Tuesday) that fixed 120 vulnerabilities, 17 of which received the … Continue reading Microsoft update with zero-days, few tools, Alexa hack and research

Windows DNS vulnerability – CVSS 10

On the second Tuesday in July, Microsoft released patches for 123 CVEs. But the most dangerous of all is the vulnerability CVE-2020-1350 in the Windows DNS Server versions 2003 to 2019. Vulnerability allows an unauthenticated user (attacker) to execute remote code on the target system. It can be exploited by sending crafted DNS query to … Continue reading Windows DNS vulnerability – CVSS 10

Vulners weekly digest #11

4 sections:VulnerabilitiesToolsNewsResearches (red teaming, threat hunting, malware) Vulnerabilities June's "the second Tuesday patch" has become the largest in the history of Microsoft. The patches fix 129 vulnerabilities – the maximum number of security issues ever closed by Microsoft in a single "fix Tuesday". However, despite the number of vulnerabilities, none of them is a zero-day … Continue reading Vulners weekly digest #11

Vulners weekly digest #8

Three traditional sections in our weekly digest. Enjoy! Vulnerabilities and attacks Last week, Microsoft released its monthly update - 'the second Tuesday patch', which we haven't mentioned yet, but it was done by Aleksendr Leonov in his blog. On his blog, he gave a brief overview of this update. Various researches have been published this … Continue reading Vulners weekly digest #8

Monthly Vulners Review #1

The first monthly vulners review.Main Vulners events.Only critical and important vulnerabilities.Some intersting tools.The most entertaining and flashy news. Vulners events There have been several events for Vulners this month: The revival of the blog;Translation of research Hidden Threat - Vulnerability Analysis using the news graph from Lydia Khramova;Intergated with Exploit Pack collection, which we mentioned … Continue reading Monthly Vulners Review #1