Lucene search
K
AvleonovMost viewed

389 matches found

Information Security Automation
Information Security Automation
added 2018/03/14 5:19 p.m.48 views

Dealing with Nessus logs

Debugging Nessus scans is a very interesting topic. And it is not very well described even in Tenable University course. It become especially interesting when you see strange network errors in the scan results. Let's see how we can troubleshoot Nessus scans without sending Nessus DB files to...

6.9AI score
Exploits0
Information Security Automation
Information Security Automation
added 2018/02/04 9:51 p.m.48 views

Making simple Nmap SPA web GUI with Apache, AngularJS and Python Twisted

The last time I was developing dynamic web applications years ago. I used CGI and PHP back then. Now I am really interested in a modern approach, when you have a Single Page Web Application SPA written in HTML and JavaScript, that makes http requests to some external API. It's pretty cool, becaus...

6.6AI score
Exploits0
Information Security Automation
Information Security Automation
added 2018/01/05 6:59 p.m.48 views

Vulchain Scanner: 5 basic principles

New Year holidays in Russia lasts 10 days this year! Isn't it an excellent opportunity to start a new project? So, I decided to make my own active network vulnerability scanner - Vulchain. Why? Well, first of all, it's fun. You can make the architecture from scratch, see the difficulties invisibl...

6.4AI score
Exploits0
Information Security Automation
Information Security Automation
added 2017/09/13 9:13 p.m.48 views

Sending and receiving emails automatically in Python

There are different situations, when you may want to process email messages automatically. I will give some examples related to Vulnerability Management: Send a message to your colleagues that you are going to start a network vulnerability scan or WAS scan. It is much better than investigating...

6.9AI score
Exploits0
Information Security Automation
Information Security Automation
added 2017/12/01 9:36 p.m.47 views

Processing .docx and .xlsx files with Python

MS Office documents are probably one of the most inconvenient and poorly formalized data sources. It's much better to keep all the data in specialized databases or at least in wiki. But in real life, MS Office documents are in active use in nearly every organization. Simply because it is a flexib...

6.7AI score
Exploits0
Information Security Automation
Information Security Automation
added 2018/03/16 12:25 p.m.47 views

My short review of “IDC Worldwide Security and Vulnerability Management Market Shares 2016”

On February 12 IDC published new report about Security and Vulnerability Management market. You can buy it on the official website for $4500. Or you can simply download free extract on Qualys website Thanks, Qualys!. I've read it and now I want to share my impressions. I think it's better start...

6.7AI score
Exploits0
Information Security Automation
Information Security Automation
added 2018/02/05 4:45 p.m.46 views

Nessus Manager disappeared and Tenable.io On-Prem was announced

If you open Tenable Products page right now you will not see Nessus Manager there anymore. Nessus Manager page "The Power of Nessus for Teams" was also deleted. However, it is still mentioned in the product comparison. Agent-Based Scanning in SecurityCenter and SecurityCenter Continuous View "...

6.8AI score
Exploits0
Information Security Automation
Information Security Automation
added 2019/11/13 12:19 a.m.45 views

Vulnerability Management Product Comparisons (October 2019)

Here I combined two posts 1.2 from my telegram channel about comparisons of Vulnerability Management products that were recently published in October 2019. One of them was more marketing, published by Forrester, the other was more technical and published by Principled Technologies. I had some...

7AI score
Exploits0
Information Security Automation
Information Security Automation
added 2018/12/05 1:10 p.m.45 views

PRYTEK meetup: Breach and Attack Simulation or Automated Pentest?

Last Tuesday, November 27, I spoke at "Business Asks for Cyber Attacks" meetup organized by PRYTEK investment platform. The event was held at the PRYTEK Moscow office in a beautiful XIX century building of a former textile manufactory. The goal of the meetup was to talk about new approaches in...

6.8AI score
Exploits0
Information Security Automation
Information Security Automation
added 2020/05/05 11:52 p.m.44 views

Anti-Phishing process with advanced phishing attacks simulation

This time I want to write about the service of my friends from Antiphish. They call it “security awareness and employee behaviour management platform”. Simply put, they teach company employees how to detect and avoid phishing attacks. By the way, they are great guys, made a demo for me, prepared...

Exploits0
Information Security Automation
Information Security Automation
added 2019/04/29 11:16 a.m.44 views

Vulnerability Management vendors and Vulnerability Remediation problems

It's not a secret, that Vulnerability Management vendors don't pay much attention to the actual process of fixing vulnerabilities, that they detect in the infrastructure Vulnerability Remediation. Although it seems to be the main goal of VM products: to make vulnerabilities fixed and whole IT...

0.3AI score
Exploits0
Information Security Automation
Information Security Automation
added 2026/03/09 10:59 p.m.42 views

About Remote Code Execution – Windows Shell (CVE-2026-21510) vulnerability

About Remote Code Execution - Windows Shell CVE-2026-21510 vulnerability. A vulnerability from the February Microsoft Patch Tuesday. The Windows Shell is the primary interface through which users interact with the Windows operating system. It includes visible elements such as the Desktop, Taskbar...

8.8CVSS6.6AI score0.25835EPSS
Exploits3
Information Security Automation
Information Security Automation
added 2021/06/15 8:46 a.m.42 views

PHDays 10: U.S. Sanctions, My Talk on Vulristics, Other Great Talks Related to VM

Today I will talk about the Positive Hack Days conference, which took place on May 20 and May 21 in Moscow. I can say that this was and remains the main event for Information Security Practitioners in Russia. First of all, I have to say a few words about the sanctions. The organizer of the event,...

6.7AI score
Exploits0
Information Security Automation
Information Security Automation
added 2021/01/06 5:43 p.m.42 views

My projects that are not related to Information Security: Yennysay TTS and PyTouchOk companion app

Thanks to the long New Year holidays in Russia, I had time to work on my own projects that are not related to information security. I released them on github and recorded short demos by the way, Zoom is quite convenient for this! ?. Yennysay is a GUI text-to-speach tool that uses a free offline T...

7AI score
Exploits0
Information Security Automation
Information Security Automation
added 2019/12/03 1:39 a.m.42 views

Detectify Asset Inventory and Monitoring

Continuing the topic about perimeter services. As I mentioned earlier, I don't think that the external perimeter services should be considered as a fully functional replacement for custom Vulnerability Management processes. I would rather see their results as an additional feed showing the proble...

7.4AI score
Exploits0
Information Security Automation
Information Security Automation
added 2019/05/01 3:8 p.m.42 views

Code IB 2019: Vulnerability Management Masterclass

On March 29, I held one hour master class "HOW to avoid excessive formalism in Vulnerability Management process" at Code IB Profi 2019. Everything went quite well and I've got 88% positive ratings. Not bad result ^^. The main feature of the conference was a very special audience. The only way to...

0.6AI score
Exploits0
Information Security Automation
Information Security Automation
added 2017/11/30 8:46 p.m.42 views

Atlassian Jira, Python and automated labeling

I have already wrote about Atlassian Jira automation in "Automated task processing with JIRA API". But all examples there were with using of curl. So, I decided to make one more post about Jira API. This time with python examples and about labeling issues nice wordplay, right? . You can use label...

6.9AI score
Exploits0
Information Security Automation
Information Security Automation
added 2017/05/12 11:1 p.m.42 views

WannaCry about Vulnerability Management

Nearly all mainstream media wrote today about massive ransomware attacks around the world: 16 medical institutions in UK, strong rumours that huge companies in Russia, and even Russian Ministry of Internal Affairs suffered a damage. At this moment Kaspersky recorded more than 45,000 attacks in 74...

6.7AI score
Exploits0
Information Security Automation
Information Security Automation
added 2025/07/13 12:26 p.m.41 views

About Elevation of Privilege – Windows SMB Client (CVE-2025-33073) vulnerability

About Elevation of Privilege - Windows SMB Client CVE-2025-33073 vulnerability. A vulnerability from the June Microsoft Patch Tuesday allows an attacker to execute a malicious script, forcing the victim's host to connect to the attacker's SMB server and authenticate, resulting in gaining SYSTEM...

8.8CVSS7.4AI score0.64987EPSS
Exploits6
Information Security Automation
Information Security Automation
added 2025/04/30 11:34 p.m.41 views

April Linux Patch Wednesday

AprilLinux Patch Wednesday. Total vulnerabilities: 251. 164 in the Linux Kernel. No vulnerabilities show signs of being exploited in the wild. There are 7 vulnerabilities that appear to have publicly available exploits. For 2 vulnerabilities, exploit code with detailed explanation is available on...

6.9CVSS8AI score0.75782EPSS
Exploits8
Information Security Automation
Information Security Automation
added 2020/06/03 11:11 p.m.38 views

Add new features to Notepad++ using Python scripts: keyboard shortcut to insert current time

I have to say, I spend a lot of time daily in Notepad++ text editor for Windows. I keep my “logbook” there. I record what I am doing now and what needs to be done. This allows me not to keep everything in my head and switch the context more efficiently. I can recommend this to everyone. And it is...

7.1AI score
Exploits0
Information Security Automation
Information Security Automation
added 2017/05/03 4:14 p.m.38 views

My comments on Forrester’s “Vulnerability Management vendor landscape 2017”

A top consulting company, Forrester Research, recently published report "Vendor Landscape: Vulnerability Management, 2017". You can read for free by filling a small form on Tenable web site. What's interesting in this document? First of all, Josh Zelonis and co-authors presented their version of ...

7.1AI score
Exploits0
Information Security Automation
Information Security Automation
added 2017/03/31 9:6 p.m.38 views

Programmers are also people who also make mistakes

It's the first part of our talk with Daniil Svetlov at his radio show "Safe Environment" or "Safe Wednesday" - kind of wordplay in Russian recorded 29.03.2017. We were discussing why Software Vulnerabilities are everyone's problem. Full video in Russian without subtitles is available here. I adde...

7.2AI score
Exploits0
Information Security Automation
Information Security Automation
added 2025/01/02 7:34 p.m.37 views

New episode “In The Trend of VM” (#10): 8 trending vulnerabilities of November, zero budget VM and who should look for patches

New episode "In The Trend of VM" 10: 8 trending vulnerabilities of November, zero budget VM and who should look for patches. The competition for the best question on the topic of VM continues. Video on YouTube, LinkedIn Post on Habr rus Digest on the PT website Content: 00:29 Spoofing - Windows...

5.9CVSS7.6AI score0.99698EPSS
Exploits41
Information Security Automation
Information Security Automation
added 2022/04/04 4:42 p.m.37 views

Gitlab OmniAuth Static Passwords and stored XSS

Hello everyone! In this episode, lets take a look at the latest vulnerabilities in Gitlab. On March 31, the Critical Security Release for GitLab Community Edition CE and Enterprise Edition EE was released. GitLab recommends that all installations running a version affected by the issues described...

7.5CVSS7.7AI score0.87369EPSS
Exploits6
Information Security Automation
Information Security Automation
added 2021/10/08 7:36 a.m.37 views

Career Navigator talk for IT Hub College

Last week I gave a "Career Navigator" talk for the students of the IT Hub College in Moscow. By the way, this college has a very interesting practical information security program. If it is relevant for you, check it out. Ive never talked so much about myself in public. It was like giving advises...

7AI score
Exploits0
Information Security Automation
Information Security Automation
added 2017/10/04 12:13 p.m.37 views

VirtualBox GuestAdditions for Linux Guest OS

I often work with VirtualBox virtual machines and need to install GuestAdditions to use GUI applications comfortably. So, I decided to collect here some configuration scripts. CentOS 7 In the configuration a new VirtualBox machine I add 2 network adapters: Host Only Network NAT Installing clean...

6.9AI score
Exploits0
Information Security Automation
Information Security Automation
added 2025/01/14 11:22 p.m.36 views

January Microsoft Patch Tuesday

January Microsoft Patch Tuesday. 170 CVEs, 10 of them were added since December MSPT. 3 exploited in the wild: EoP - Windows Hyper-V NT Kernel Integration VSP CVE-2025-21333, CVE-2025-21334, CVE-2025-21335. No details yet. No vulnerabilities have public exploits. 5 have private ones: Security...

9.8CVSS7.6AI score0.80912EPSS
Exploits11
Information Security Automation
Information Security Automation
added 2024/12/10 11:19 p.m.35 views

December Microsoft Patch Tuesday

December Microsoft Patch Tuesday. 89 CVEs, of which 18 were added since November MSPT. 1 vulnerability with signs of exploitation in the wild: EoP - Windows Common Log File System Driver CVE-2024-49138. There are no details about this vulnerability yet. Strictly speaking, there was another...

9.8CVSS6.8AI score0.70906EPSS
Exploits7
Information Security Automation
Information Security Automation
added 2017/11/09 2:11 p.m.35 views

Study Vulnerability Assessment in Tenable University for free

Not so long ago, Tenable presented renewed online training platform - Tenable University. It is publicly available even for non-customers, for example, for Nessus Home users. However, not all courses are available in this case. I decided to check it out, registering as non-customer. Logged in...

6.7AI score
Exploits0
Information Security Automation
Information Security Automation
added 2024/10/21 1:1 p.m.34 views

September episode of “In The Trend of VM”: 7 CVEs, fake reCAPTCHA, lebanese pagers, VM and IT annual bonuses

September episode of "In The Trend of VM": 7 CVEs, fake reCAPTCHA, lebanese pagers, VM and IT annual bonuses. Starting this month, we decided to slightly expand the topics of the videos and increase their duration. I cover not only the trending vulnerabilities of September, but also social...

9.8CVSS7.7AI score0.88193EPSS
Exploits12
Information Security Automation
Information Security Automation
added 2025/01/20 3:2 p.m.33 views

I have finalized the list of trending vulnerabilities for 2024 according to Positive Technologies

I have finalized the list of trending vulnerabilities for 2024 according to Positive Technologies. Last year, 74 vulnerabilities were classified as trending to compare the scale, just over 40,000 were added to NVD in 2024. All trending vulnerabilities are found in Western commercial products and...

9.8CVSS9AI score0.99999EPSS
Exploits82
Information Security Automation
Information Security Automation
added 2024/11/19 9:26 p.m.33 views

About Remote Code Execution – FortiManager “FortiJump” (CVE-2024-47575) vulnerability

About Remote Code Execution - FortiManager "FortiJump" CVE-2024-47575 vulnerability. FortiManager is a centralized solution for configuring, enforcing policies, updating, and monitoring Fortinet network devices. The vulnerability was released on October 23. A missing authentication for critical...

9.8CVSS10AI score0.94761EPSS
Exploits7
Information Security Automation
Information Security Automation
added 2017/11/10 8:29 p.m.33 views

Vulnerability Management vendors and massive Malware attacks (following the Bad Rabbit)

After the latest Bad Rabbit ransomware attack all Top VM vendors Qualys, Tenable, Rapid7 wrote blog posts on this topic on the same day. Two days later Tripwire also published own review. Why do they care? They do not make antiviruses, endpoint protection or firewalls - the common tools against...

7AI score
Exploits0
Information Security Automation
Information Security Automation
added 2025/03/12 9:56 a.m.32 views

March Microsoft Patch Tuesday

March Microsoft Patch Tuesday. 77 CVEs, 20 of which were added during the month. 7 vulnerabilities with signs of exploitation in the wild: RCE - Windows Fast FAT File System Driver CVE-2025-24985 RCE - Windows NTFS CVE-2025-24993 SFB - Microsoft Management Console CVE-2025-26633 EoP - Windows Win...

9.8CVSS7.8AI score0.31894EPSS
Exploits9
Information Security Automation
Information Security Automation
added 2020/01/12 10:53 a.m.32 views

IT Security in The New Pope

Lol, IT Security is everywhere. Even in the first episode of "The New Pope" TV series the sequel of "The Young Pope", 2016 some monks change credentials in the Vatican's IT systems under cover of night. This happened after, well, some unexpected changes in the corporate culture and organizational...

7.2AI score
Exploits0
Information Security Automation
Information Security Automation
added 2018/08/16 10:3 a.m.32 views

Asset Inventory for Network Perimeter: from Declarations to Active Scanning

In the previous post, I shared some of my thoughts about the good Asset Inventory system. Of course, for me as a Security Specialist, it would be great if IT will provide such magical system. But such an ideal situation is rarely possible. So now let's see how to build an Asset Inventory system...

6.8AI score
Exploits0
Information Security Automation
Information Security Automation
added 2017/11/27 9:10 p.m.32 views

Vulnerability Management for Network Perimeter

Network Perimeter is like a door to your organization. It is accessible to everyone and vulnerability exploitation does not require any human interactions, unlike, for example, phishing attacks. Potential attacker can automate most of his actions searching for an easy target. It's important not t...

7.1AI score
Exploits0
Information Security Automation
Information Security Automation
added 2025/08/06 10:44 p.m.31 views

About Elevation of Privilege – Windows Update Service (CVE-2025-48799) vulnerability

About Elevation of Privilege - Windows Update Service CVE-2025-48799 vulnerability. This vulnerability is from the July Microsoft Patch Tuesday. Improper link resolution before file access 'link following' in the Windows Update Service allows an authorized attacker to elevate privileges to "NT...

7.8CVSS7.2AI score0.0103EPSS
Exploits4
Information Security Automation
Information Security Automation
added 2025/05/06 3:12 p.m.31 views

About Remote Code Execution & Arbitrary File Reading – Apache HTTP Server (CVE-2024-38475) vulnerability

About Remote Code Execution & Arbitrary File Reading - Apache HTTP Server CVE-2024-38475 vulnerability. Improper escaping of output in modrewrite module leads to remote code execution or arbitrary file reading. Successful exploitation does not require authentication. Apache HTTP Server 2.4.60,...

9.1CVSS8.7AI score0.99957EPSS
Exploits1
Information Security Automation
Information Security Automation
added 2025/03/11 10:10 a.m.30 views

New episode “In the Trend of VM” (#12): 8 February CVEs & Why the Darknet Matters for VM Specialists

New episode "In the Trend of VM" 12: 8 February CVEs & Why the Darknet Matters for VM Specialists. Now with a new design and new video editing. Video on YouTube and LinkedIn Post on Habr rus Digest on the PT website Content: 00:00 Greetings 00:23 Remote Code Execution - Windows Lightweight...

9.8CVSS9.1AI score0.98259EPSS
Exploits33
Information Security Automation
Information Security Automation
added 2024/10/15 12:21 p.m.30 views

About Cross Site Scripting – Roundcube Webmail (CVE-2024-37383) vulnerability

About Cross Site Scripting - Roundcube Webmail CVE-2024-37383 vulnerability. Roundcube is a web-based email client with functionality comparable to desktop email clients such as Outlook Express or Mozilla Thunderbird. The vulnerability is caused by an error in the processing of SVG elements in th...

6.1CVSS6.7AI score0.73445EPSS
Exploits7
Information Security Automation
Information Security Automation
added 2024/10/13 9:41 a.m.30 views

Veeam B&R RCE vulnerability CVE-2024-40711 is exploited in attacks

Veeam B &R RCE vulnerability CVE-2024-40711is exploited in attacks. On September 24, there were no signs of this vulnerability being exploited in the wild. And on October 10, Sophos X-Ops reported that they had observed a series of attacks exploiting this vulnerability over the course of a month...

9.8CVSS7.4AI score0.88193EPSS
Exploits3
Information Security Automation
Information Security Automation
added 2024/12/04 1:21 p.m.29 views

About Elevation of Privilege – Windows Task Scheduler (CVE-2024-49039) vulnerability

About Elevation of Privilege - Windows Task Scheduler CVE-2024-49039 vulnerability. It was released on November Microsoft Patch Tuesday and showed signs of exploitation in the wild right away. To exploit the vulnerability, an authenticated attacker runs a specially crafted application on the targ...

8.8CVSS7.1AI score0.13719EPSS
Exploits1
Information Security Automation
Information Security Automation
added 2020/01/09 8:2 p.m.29 views

The first Zbrunk dashboard and other news

The long New Year holiday season in Russia was not in vain. I had time to work on Zbrunk. As you can see, I made my first dashboard and added other features. No more timestamps in code I added functions to get Unix timestamps from lines in human-readable time format, e.g. "2019.12.10 13:00:00"...

7.1AI score
Exploits0
Information Security Automation
Information Security Automation
added 2025/04/22 9:16 p.m.28 views

April “In the Trend of VM” (#14): vulnerabilities in Microsoft Windows, VMware products, Kubernetes, and Apache Tomcat

April "In the Trend of VM" 14: vulnerabilities in Microsoft Windows, VMware products, Kubernetes, and Apache Tomcat. We decided to pause recording new videos, so for now only text. Post on Habr rus Digest on the PT website rus A total of 11 trending vulnerabilities: Elevation of Privilege - Windo...

9.8CVSS10AI score0.99945EPSS
Exploits99
Information Security Automation
Information Security Automation
added 2025/03/19 5:4 p.m.28 views

About Spoofing – Windows File Explorer (CVE-2025-24071) vulnerability

About Spoofing - Windows File Explorer CVE-2025-24071 vulnerability. The vulnerability is from the March Microsoft Patch Tuesday. The VM vendors didn't highlight it in their reviews. A week later, on March 18, researcher 0x6rss published a write-up and a PoC exploit. According to him, the...

6.5CVSS7.7AI score0.25068EPSS
Exploits21
Information Security Automation
Information Security Automation
added 2024/10/30 10:51 a.m.28 views

What is known about the Spoofing – Windows MSHTML Platform (CVE-2024-43573) vulnerability from the October Microsoft Patch Tuesday?

What is known about the Spoofing - Windows MSHTML Platform CVE-2024-43573 vulnerability from the October Microsoft Patch Tuesday? In fact, just that it is being exploited in the wild. There are no write-ups or public exploits yet. The Acknowledgements section in the Microsoft bulletin is empty. I...

8.1CVSS7AI score0.84345EPSS
Exploits0
Information Security Automation
Information Security Automation
added 2022/10/04 8:27 p.m.28 views

How to Perform a Free Ubuntu Vulnerability Scan with OpenSCAP and Canonical’s Official OVAL Content

Hello everyone! Five years ago I wrote a blogpost about OpenSCAP. But it was only about the SCAP Workbench GUI application and how to use it to detect security misconfigurations. Alternative video link for Russia: This time, I will install the OpenSCAP command line tool on Ubuntu and use it to...

7.7AI score
Exploits0
Information Security Automation
Information Security Automation
added 2025/02/18 5:28 p.m.27 views

New episode “In The Trend of VM” (#11): vulnerabilities that became trending in December and the final report on trending vulnerabilities for 2024

New episode "In The Trend of VM" 11: vulnerabilities that became trending in December and the final report on trending vulnerabilities for 2024. I made this episode exclusively for the Telegram channel @avleonovcom "Vulnerability Management and More". Video on YouTube, LinkedIn Post on Habr rus...

9.5CVSS7.8AI score0.78198EPSS
Exploits24
Total number of security vulnerabilities389