Channel address:
Categories:
Technologies ,
Blogs
Language: English
Subscribers:
1.79K
Description from channel
Vulnerability assessment, IT compliance management, security automation and other beautiful stuff. Discussion group for this channel: @avleonovchat. PM me @leonov_av
Ratings & Reviews
Reviews can be left only by registered users. All reviews are moderated by admins.
5 stars
0
4 stars
0
3 stars
1
2 stars
0
1 stars
1
The latest Messages 11
2021-10-05 20:19:31
Exploit available: https://twitter.com/Ax_Sharma/status/1445391350053183500
225 views17:19
2021-09-19 02:25:57
Hello everyone! This time, let’s talk about recent vulnerabilities. I’ll start with Microsoft Patch Tuesday for September 2021. I created a report using my Vulristics tool. A link to the full report in the blogpost.
The most interesting thing about the September Patch Tuesday is that the top 3 VM vendors ignored almost all RCEs in their reviews. However, there were interesting RCEs in the Office products. And what is most unforgivable is that they did not mention CVE-2021-38647 RCE in OMI – Open Management Infrastructure. Only ZDI wrote about this.
Video:
Blogpost: https://avleonov.com/2021/09/19/security-news-microsoft-patch-tuesday-september-2021-omigod-mshtml-rce-confluence-rce-ghostscript-rce-forcedentry-pegasus/
234 views23:25
2021-09-14 01:50:29
Another video about Microsoft Defender for Endpoint. Not the last one.
In a previous episode I described how to get a list of antivirus engine and signatures versions for the hosts in your infrastructure using the Microsoft Graph API. But the problem remains. You know the versions that are currently installed on the hosts. But where can you get the latest versions that should be installed there?
Video:
Blogpost: https://avleonov.com/2021/09/14/microsoft-defender-for-endpoint-the-latest-versions-of-antivirus-engine-signatures/
282 views22:50
2021-09-04 20:05:01
138 views17:05
2021-09-01 02:40:56
Hello everyone! This is a new episode with my comments on the latest Information Security news.
00:00 Exchange ProxyShell
02:35 Zoom RCE
03:40 Citrix Canceled PT Acknowledgments
04:22 Cisco No Patch Router RCEs
Full video:
Blog post: https://avleonov.com/2021/09/01/security-news-exchange-proxyshell-zoom-rce-citrix-canceled-pt-acknowledgments-cisco-no-patch-router-rces/
272 views23:40
2021-08-20 00:57:02
Hello everyone! Yet another news episode. Microsoft Patch Tuesday August 2021, Phishers Started Using reCAPTCHA, Scan 1 IP and Go to Jail.
Video:
Blog post: https://avleonov.com/2021/08/20/security-news-microsoft-patch-tuesday-august-2021-phishers-started-using-recaptcha-scan-1-ip-and-go-to-jail/
263 views21:57
2021-08-17 00:56:08
Hello everyone! In this episode, I would like to tell you how I tried to get automatically antivirus-related data (current status, engine and signature version, last full scan date) from Microsoft Defender for Endpoint using Microsoft Intune and the Graph API.
Video:
Blog post: https://avleonov.com/2021/08/16/how-to-get-antivirus-related-data-from-microsoft-defender-for-endpoint-using-intune-and-graph-api/
220 views21:56
2021-08-15 03:20:48
As an experiment, I got myself a TikTok account. I will dance and lip-sync. Maybe.
https://www.tiktok.com/@avleonov
221 views00:20
2021-08-12 01:34:58
Hello everyone! Last Week’s Security News, August 1 – August 8. (Sorry for the delay )
Black Hat Pwnie Awards, iPhone Checks Photos, Evil Windows Print Server, Cisco VPN Routers Takeovers
Video:
Blog post: https://avleonov.com/2021/08/12/last-weeks-security-news-black-hat-pwnie-awards-iphone-checks-photos-evil-windows-print-server-cisco-vpn-routers-takeovers/
331 views22:34
2021-08-02 22:58:45
Hello everyone! Last Week’s Security News, July 26 – August 1. Serious Sam in Metasploit, PetitPotam, Zimbra Hijack, Joint Advisory TOP30 CVEs
Video:
Blog post: https://avleonov.com/2021/08/02/last-weeks-security-news-serious-sam-in-metasploit-petitpotam-zimbra-hijack-joint-advisory-top30-cves/
197 views19:58
V
