Vulnerability Management and more

2021-04-14 13:15:50 It seems that private API of Microsoft website has changed a lot and MS connector in Vulristics is in need of repair. But even without MS data, it still works. Robustness! In April Patch Tuesday we can see lot's of RCEs in PRC and 4 RCEs in MS Exchange. Yes, once again. But this time without public exploits and exploitation in the wild (yet). Also Win32k Elevation of Privilege (CVE-2021-28310) with exploitation in the wild is mentioned at AttackerKB. Open / Comment

2021-04-08 05:06:25 Hello all! It is the second part about AM Live Vulnerability Management conference. In the first part I made the timecodes for the 2 hours video in Russian. Here I have combined all my lines into one text and made a video. Here is the text version. Open / Comment

2021-04-08 00:48:34 The situation with Stallman's return to FSF is insane. Fedora is boycotting FSF, very likely Debian will do it as well. I only hope that if they completely 'cancel' RMS (I hope it won't happened), there will be people who invite him to promote free software in Russia. That would be a great and powerful move. Certainly the ideological Stallman will most likely refuse. Although the reckless and furious Stallman may agree. Picrelated. Open / Comment

2021-04-04 02:51:48 Hi all! Announcement for Russian speakers. Next Tuesday, March 23rd, at 11:00 MSK, I will participate in the online Vulnerability Management conference, organized by AM Live. The list of participants is very cool: 4 representatives of various VM vendors and… Open / Comment

2021-03-26 03:02:47 Hello everyone! It has been 3 months since my last review of Microsoft vulnerabilities for Q4 2020. In this episode I want to review the Microsoft vulnerabilities for the first quarter of 2021. There will be 4 parts: January, February, March and the vulnerabilities that were released between the Patch Tuesdays.
Text version and links to full report Open / Comment

2021-03-18 22:08:13 Hi all! Announcement for Russian speakers. Next Tuesday, March 23rd, at 11:00 MSK, I will participate in the online Vulnerability Management conference, organized by AM Live. The list of participants is very cool: 4 representatives of various VM vendors and 2 people from the client side (including me). I will try to bring some healthy skepticism and criticism to this event. Hope everything goes well. If you are interested, please register, it's free. Open / Comment

2021-03-04 03:10:14 Well there were many interesting VM-related topics recently: VMware, Exchange, Spectre. But, this incident lMO seems to be the craziest one. I hope they were not so many critical data on that server. Open / Comment

2021-03-04 01:12:19 Cybersecurity firm Qualys likely latest victim of Accellion hacks
#BleepingComputerNews

"Cybersecurity firm Qualys is the latest victim to have suffered a data breach after a zero-day vulnerability in their Accellion FTA server was exploited to steal hosted files.
In December, a wave of attacks targeted the Accellion FTA file-sharing application using a zero-day vulnerability that allowed attackers to steal files stored on the server.
Since then, the Clop ransomware has been extorting these victims by posting the stolen data on their ransomware data leak site.
As Accellion FTA devices are standalone servers designed to be outside the security perimeter of a network and accessible..."

https://www.bleepingcomputer.com/news/security/cybersecurity-firm-qualys-likely-latest-victim-of-accellion-hacks/ Open / Comment

2021-03-04 01:12:19 Well there were many interesting VM-related topics recently: VMware, Exchange, Spectre. But, this incident lMO seems to be the craziest one. I hope they were not so many critical data on that server. Open / Comment

2021-03-03 02:12:20 What do you think? Open / Comment