Vulnerability Management and more

Channel address: @avleonovcom
Categories: Technologies, Blogs
Language: English
Subscribers: 1.79K
Description from channel

Vulnerability assessment, IT compliance management, security automation and other beautiful stuff. Discussion group for this channel: @avleonovchat. PM me @leonov_av

The latest Messages 6

2022-01-27 01:20:22
CVE-2022-0185 One more EoP in all Linux kernel versions starting from 5.1-rc1 through the latest patched ones (5.4.173, 5.10.93, 5.15.1).
"An unprivileged user can use unshare(CLONE_NEWNS|CLONE_NEWUSER) to enter a namespace with the CAP_SYS_ADMIN permission, and then proceed with exploitation to root the system."
"We plan to release the exploit in about a week and a half. It will be available at the following repository"
This bug can let hackers escape Kubernetes containers.
2022-01-26 01:36:35 PwnKit: Local Privilege Escalation Vulnerability Discovered in polkit’s pkexec (CVE-2021-4034)
#QualysBlog

"The Qualys Research Team has discovered a memory corruption vulnerability in polkit's pkexec, a SUID-root program that is installed by default on every major Linux distribution. This easily exploited vulnerability allows any unprivileged user to gain full root privileges on a vulnerable host by exploiting this vulnerability in its default configuration.
### About Polkit pkexec for Linux
Polkit (formerly PolicyKit) is a component for controlling system-wide privileges in Unix-like operating systems. It provides an organized way for non-privileged processes to communicate with privileged..."

https://blog.qualys.com/vulnerabilities-threat-research/2022/01/25/pwnkit-local-privilege-escalation-vulnerability-discovered-in-polkits-pkexec-cve-2021-4034
2022-01-26 01:36:35 Well done Qualys. They regularly find such simple and easily exploitable vulnerabilities that no one pays attention to.
2022-01-25 12:49:41
For Russian-speaking friends. I will be participating in the #TenableSecurityDay hosted by Tiger Optics. There will be many interesting presentations. I'll try to add some pepper by talking about vulnerabilities that are not presented in the knowledge bases of vulnerability scanners. Registration here: https://tenable-day.tiger-optics.ru/
2022-01-21 21:59:29 Hello everyone! As you probably know, CentOS Linux, the main Enterprise-level Linux server distribution, will soon disappear. It wasn’t hard to predict when RedHat acquired CentOS in 2014, and now it is actually happening. End of life of CentOS Linux 8 was 31.12.2021. There won’t be CentOS Linux as downstream for RedHat anymore. Only CentOS Stream, that will be upstream for RedHat, more or less a testing distro like Fedora.

Of course, it is a matter of debate whether security guys can actually decide which Linux distributions a company will use and set that as a requirement. But in any case, the security guys will definitely take part in the decision. I made a poll in my Telegram channel. 113 people voted. So, let’s take a look at the results and discuss which of the Linux distributions we can recommend to IT teams.

Blogpost: https://avleonov.com/2022/01/21/end-of-centos-linux-where-to-migrate/
2022-01-16 23:22:22 Hello everyone! This episode will be about Microsoft Patch Tuesday for January 2022. Traditionally, I will use my open source Vulristics tool for analysis. This time I didn’t make any changes to how connectors work. The report generation worked correctly on the first try.

Blog: https://avleonov.com/2022/01/16/microsoft-patch-tuesday-january-2022/
2022-01-08 04:18:32 Hello everyone! In this episode, I want to talk about VMconf 22. It was an experiment from the beginning. Is it possible to host a Vulnerability Management event with little effort and budget? Looks like no. So I would like to talk about why the original idea failed and the future of VMconf. #VMconf #vmconf22

Blog: https://avleonov.com/2022/01/08/vmconf-22-why-didnt-it-work-as-planned-and-whats-next/
2022-01-04 23:40:23
So, which Enterprise Linux distribution will you recommend to your IT colleagues instead of CentOS?
Anonymous Poll (57 voters)
19% Still keep using CentOS 7 (EOL 2024-06-30)
16% RHEL
11% Oracle Linux
4% Rocky Linux
4% AlmaLinux
40% Ubuntu
19% Debian
0% Gentoo
4% Other
9% No idea
2022-01-04 23:37:01 Hello everyone! End of life for CentOS Linux 8 was 31.12.2021. There won't be CentOS Linux as downstream for RedHat anymore. Only CentOS Stream, that will be upstream for CentOS, more like Fedora.
2021-12-31 20:38:47 I hope to distract myself from information security as much as possible during the holidays, which is what I wish everyone. For those of you interested, here's a list of my posts over the past year:

1. Log4j “Log4Shell” RCE explained (CVE-2021-44228)
2. Microsoft Patch Tuesday December 2021
3. Vulnerability Intelligence based on media hype. It works? Grafana LFI and Log4j “Log4Shell” RCE
4. QSC21, VMDR Training and Exam
5. Vulristics Command Line Interface, improved Product & Vuln. Type Detections and Microsoft Patch Tuesday November 2021
6. VMconf 22 Vulnerability Management conference: Call For Papers started
7. Security News: Microsoft Patch Tuesday October 2021, Autodiscover, MysterySnail, Exchange, DNS, Apache, HAProxy, VMware vCenter, Moodle
8. Career Navigator talk for IT Hub College
9. Security News: Microsoft Patch Tuesday September 2021, OMIGOD, MSHTML RCE, Confluence RCE, Ghostscript RCE, FORCEDENTRY Pegasus
10. Microsoft Defender for Endpoint: The Latest Versions of Antivirus Engine & Signatures
11. Security News: Exchange ProxyShell, Zoom RCE, Citrix Canceled PT Acknowledgments, Cisco No Patch Router RCEs
12. Security News: Microsoft Patch Tuesday August 2021, Phishers Started Using reCAPTCHA, Scan 1 IP and Go to Jail
13. How to get Antivirus-related Data from Microsoft Defender for Endpoint using Intune and Graph API
14. Last Week’s Security News: Black Hat Pwnie Awards, iPhone Checks Photos, Evil Windows Print Server, Cisco VPN Routers Takeovers
15. Last Week’s Security news: Serious Sam in Metasploit, PetitPotam, Zimbra Hijack, Joint Advisory TOP30 CVEs
16. How to fix “Nessus failed to load the SSH private key” error?
17. Last Week’s Security news: Pegasus, SeriousSAM, Sequoia
18. My thoughts on the “2021 Gartner Market Guide for Vulnerability Assessment”. What about the quality?
19. Last Week’s Security news: Exploits for ForgeRock, vSphere, Apache Tomcat, new Print Spooler vuln, Kaseya Patch and REvil, SolarWinds, Schneider Electric, Bulletins
20. Vulristics Microsoft Patch Tuesday July 2021: Zero-days EoP in Kernel and RCE in Scripting Engine, RCEs in Kernel, DNS Server, Exchange and Hyper-V
21. Vulristics: Microsoft Patch Tuesdays Q2 2021
22. Last Week’s Security news: PrintNightmare, Kaseya, Intune, Metasploit Docker escape
23. Vulristics HTML Report Update: Table for Products, Table for Vuln. Types and “Prevalence”
24. Last Week’s Security news: Cisco ASA, BIG-IQ, vSphere, Solaris, Dlink, iPhone %s, DarkRadiation, Google schema, John McAfee
25. PHDays 10: U.S. Sanctions, My Talk on Vulristics, Other Great Talks Related to VM
26. Getting Hosts from Microsoft Intune MDM using Python
27. AM Live Vulnerability Management Conference Part 2: What was I talking about there
28. AM Live Vulnerability Management Conference Part 1: Full video in Russian + Timecodes in English
29. Vulristics: Microsoft Patch Tuesdays Q1 2021
30. Vulristics: Beyond Microsoft Patch Tuesdays, Analyzing Arbitrary CVEs
31. Microsoft Defender for Endpoint: Why You May Need It and How to Export Hosts via API in Python
32. Vulners Linux Audit API for Host Vulnerability Detection: Manual Auditing, Python Scripting and Licensing
33. Vulristics Vulnerability Score, Automated Data Collection and Microsoft Patch Tuesdays Q4 2020
34. My projects that are not related to Information Security: Yennysay TTS and PyTouchOk companion app