Channel address:
Categories:
Technologies ,
Blogs
Language: English
Subscribers:
1.79K
Description from channel
Vulnerability assessment, IT compliance management, security automation and other beautiful stuff. Discussion group for this channel: @avleonovchat. PM me @leonov_av
Ratings & Reviews
Reviews can be left only by registered users. All reviews are moderated by admins.
5 stars
0
4 stars
0
3 stars
1
2 stars
0
1 stars
1
The latest Messages 16
2021-04-14 13:15:50
It seems that private API of Microsoft website has changed a lot and MS connector in Vulristics is in need of repair. But even without MS data, it still works. Robustness! In April Patch Tuesday we can see lot's of RCEs in PRC and 4 RCEs in MS Exchange. Yes, once again. But this time without public exploits and exploitation in the wild (yet). Also Win32k Elevation of Privilege (CVE-2021-28310) with exploitation in the wild is mentioned at AttackerKB.
296 viewsedited 10:15
2021-04-08 05:06:25
Hello all! It is the second part about AM Live Vulnerability Management conference. In the first part I made the timecodes for the 2 hours video in Russian. Here I have combined all my lines into one text and made a video. Here is the text version.
288 views02:06
2021-04-08 00:48:34
The situation with Stallman's return to FSF is insane. Fedora is boycotting FSF, very likely Debian will do it as well. I only hope that if
they completely 'cancel' RMS (I hope it won't happened), there will be people who invite him to promote free software in Russia. That would be a great and powerful move. Certainly the ideological Stallman will most likely refuse. Although the reckless and furious Stallman may agree. Picrelated.
47 viewsedited 21:48
2021-04-04 02:51:48
Hi all! Announcement for Russian speakers. Next Tuesday, March 23rd, at 11:00 MSK, I will participate in the online Vulnerability Management conference, organized by AM Live. The list of participants is very cool: 4 representatives of various VM vendors and…
8 viewsedited 23:51
2021-03-26 03:02:47
Hello everyone! It has been 3 months since my last review of Microsoft vulnerabilities for Q4 2020. In this episode I want to review the Microsoft vulnerabilities for the first quarter of 2021. There will be 4 parts: January, February, March and the vulnerabilities that were released between the Patch Tuesdays.
Text version and links to full report
217 views00:02
2021-03-18 22:08:13
Hi all! Announcement for Russian speakers. Next Tuesday, March 23rd, at 11:00 MSK, I will participate in the online Vulnerability Management conference, organized by AM Live. The list of participants is very cool: 4 representatives of various VM vendors and 2 people from the client side (including me). I will try to bring some healthy skepticism and criticism to this event. Hope everything goes well. If you are interested, please register, it's free.
222 views19:08
2021-03-04 03:10:14
Well there were many interesting VM-related topics recently: VMware, Exchange, Spectre. But, this incident lMO seems to be the craziest one. I hope they were not so many critical data on that server.
211 viewsedited 00:10
2021-03-04 01:12:19
Cybersecurity firm Qualys likely latest victim of Accellion hacks#BleepingComputerNews
"Cybersecurity firm Qualys is the latest victim to have suffered a data breach after a zero-day vulnerability in their Accellion FTA server was exploited to steal hosted files.
In December, a wave of attacks targeted the Accellion FTA file-sharing application using a zero-day vulnerability that allowed attackers to steal files stored on the server.
Since then, the Clop ransomware has been extorting these victims by posting the stolen data on their ransomware data leak site.
As Accellion FTA devices are standalone servers designed to be outside the security perimeter of a network and accessible..."
https://www.bleepingcomputer.com/news/security/cybersecurity-firm-qualys-likely-latest-victim-of-accellion-hacks/
183 views22:12
2021-03-04 01:12:19
Well there were many interesting VM-related topics recently: VMware, Exchange, Spectre. But, this incident lMO seems to be the craziest one. I hope they were not so many critical data on that server.
214 views22:12
2021-03-03 02:12:20
What do you think?
314 views23:12