Lucene search

389 matches found

Information Security Automation
added 2023/06/25 12:35 a.m., 65 views

Microsoft Patch Tuesday June 2023: Edge type confusion, Git RCE, OneNote Spoofing, PGM RCE, Exchange RCE, SharePoint EoP

Hello everyone! This episode will be about Microsoft Patch Tuesday for June 2023, including vulnerabilities that were added between May and June Patch Tuesdays. Alternative...

CVSS 9.8 | AI score 9.1 | EPSS 0.99964
Exploits: 29

Information Security Automation
added 2023/05/27 10:39 p.m., 57 views

Microsoft Patch Tuesday May 2023: Microsoft Edge, BlackLotus Secure Boot SFB, OLE RCE, Win32k EoP, NFS RCE, PGM RCE, LDAP RCE, SharePoint RCE

Hello everyone! This episode will be about Microsoft Patch Tuesday for May 2023, including vulnerabilities that were added between April and May Patch...

CVSS 9.8 | AI score 9.5 | EPSS 0.94683
Exploits: 11

Information Security Automation
added 2023/04/27 10:3 p.m., 74 views

Microsoft Patch Tuesday April 2023: CLFS EoP, Word RCE, MSMQ QueueJumper RCE, PCL6, DNS, DHCP

Hello everyone! This episode will be about Microsoft Patch Tuesday for April 2023, including vulnerabilities that were added between March and April Patch Tuesdays. Alternative video link for Russia:...

CVSS 9.8 | AI score 9 | EPSS 0.95454
Exploits: 20

Information Security Automation
added 2023/04/23 11:11 p.m., 60 views

Vulristics News: EPSS v3 Support, Integration into Cloud Advisor

Hello everyone! This episode will focus on the news from my open source Vulristics project for vulnerability analysis and prioritization. Alternative video link for Russia: https://vk.com/video-149273431456239122 EPSS v3 The third...

CVSS 9.8 | AI score 9.7 | EPSS 0.96988
Exploits: 34

Information Security Automation
added 2023/03/27 12:25 a.m., 98 views

Microsoft Patch Tuesday March 2023: Outlook EoP, MOTW Bypass, Excel DoS, HTTP/3 RCE, ICMP RCE, RPC RCE

Hello everyone! This episode will be about Microsoft Patch Tuesday for March 2023, including vulnerabilities that were added between February and March Patch Tuesdays. Alternative video link for Russia: As usual, I use my open source Vulristics project to analyse and prioritize vulnerabilities. I...

CVSS 7.5 | AI score 9.5 | EPSS 0.97408
Exploits: 19

Information Security Automation
added 2023/02/26 4:37 p.m., 94 views

Microsoft Patch Tuesday February 2023: Win Graphics RCE, Edge RCE, Publisher SFB, CLFS EoP, Exchange RCEs, Word RCE, HoloLens1

Hello everyone! This episode will be about Microsoft Patch Tuesday for February 2023, including vulnerabilities that were added between January and February Patch Tuesdays. Alternative video link for Russia: This month I decided to change the format a bit. Now I share my impression of Microsoft...

CVSS 7.5 | AI score 8.9 | EPSS 0.82302
Exploits: 18

Information Security Automation
added 2023/01/13 2:14 p.m., 84 views

Microsoft Patch Tuesday January 2023: ALPC EoP, Win Backup EoP, LocalPotato, Exchange, Remote RCEs

Hello everyone! This episode will be about Microsoft Patch Tuesday for January 2023, including vulnerabilities that were added between December and January Patch Tuesdays. Alternative video link for Russia: As usual, I use my open source Vulristics project to analyse and prioritize vulnerabilitie...

CVSS 6.5 | AI score 8.2 | EPSS 0.41538
Exploits: 3

Information Security Automation
added 2023/01/10 8:7 p.m., 63 views

How Debian OVAL content is structured

Hello everyone! As we saw in the last episode, the results of vulnerability detection for one host produced by two different APIs can vary greatly. Therefore, in order to find out the truth, it is necessary to understand what vulnerability data is provided by the Linux distribution vendor and how...

CVSS 7.5 | AI score 0.9 | EPSS 0.02402
Exploits: 1

Information Security Automation
added 2022/12/30 6:3 p.m., 340 views

Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs

Hello everyone! Great news for my open source Scanvus project! You can now perform vulnerability checks on Linux hosts and docker images not only using the Vulners.com API, but also with the Vulns.io VM API. It's especially nice that all the code to support the new API was written and contributed ...

CVSS 10 | AI score 7.6 | EPSS 0.95764
Exploits: 284

Information Security Automation
added 2022/12/24 10:55 p.m., 67 views

Microsoft Patch Tuesday December 2022: SPNEGO RCE, Mark of the Web Bypass, Edge Memory Corruptions

Hello everyone! This episode will be about Microsoft Patch Tuesday for December 2022, including vulnerabilities that were added between November and December Patch Tuesdays. As usual, I use my open source Vulristics project to analyse and prioritize vulnerabilities. Alternative video link for...

CVSS 6.8 | AI score 0.5 | EPSS 0.85646
Exploits: 7

Information Security Automation
added 2022/12/18 9:27 p.m., 17 views

Is it possible to detect Zero Day vulnerabilities with Vulnerability Management solutions?

Hello everyone! In my English-language telegram chat avleonovchat, the question was asked: "How to find zero day vulnerabilities with Qualys?" Apparently this question can be expanded. Not just with Qualys, but with any VM solution in general. And is it even possible? There was an interesting...

AI score 7
Exploits: 0

Information Security Automation
added 2022/11/25 8:56 p.m., 102 views

Microsoft Patch Tuesday November 2022: Exchange ProxyNotShell RCE, JScript9, MoTW, OpenSSL, Edge, CNG, Print Spooler

Hello everyone! This episode will be about Microsoft Patch Tuesday for November 2022, including vulnerabilities that were added between October and November Patch Tuesdays. As usual, I use my open source Vulristics project to create the report. Alternative video link for Russia: The most importan...

CVSS 7.5 | AI score 0.4 | EPSS 0.99964
Exploits: 23

Information Security Automation
added 2022/10/29 8:37 a.m., 83 views

Microsoft Patch Tuesday October 2022: Exchange ProxyNotShell RCE, Windows COM+ EoP, AD EoP, Azure Arc Kubernetes EoP

Hello everyone! This episode will be about Microsoft Patch Tuesday for October 2022, including vulnerabilities that were added between September and October Patch Tuesdays. As usual, I use my open source Vulristics project to create the report. Alternative video link for Russia: $ cat...

AI score 0.5 | EPSS 0.99964
Exploits: 16

Information Security Automation
added 2022/10/21 8:10 p.m., 160 views

Joint Advisory AA22-279A and Vulristics

Hello everyone! This episode will be about the new hot twenty vulnerabilities from CISA, NSA and FBI, Joint cybersecurity advisory CSA AA22-279A, and how I analyzed these vulnerabilities using my open source project Vulristics. Alternative video link for Russia: Americans can't just release a list...

CVSS 10 | AI score 1.1 | EPSS 0.99999
Exploits: 964

Information Security Automation
added 2022/10/04 8:27 p.m., 28 views

How to Perform a Free Ubuntu Vulnerability Scan with OpenSCAP and Canonical’s Official OVAL Content

Hello everyone! Five years ago I wrote a blogpost about OpenSCAP. But it was only about the SCAP Workbench GUI application and how to use it to detect security misconfigurations. Alternative video link for Russia: This time, I will install the OpenSCAP command line tool on Ubuntu and use it to...

AI score 7.7
Exploits: 0

Information Security Automation
added 2022/09/23 10:44 p.m., 134 views

Microsoft Patch Tuesday September 2022: CLFS Driver EoP, IP packet causes RCE, Windows DNS Server DoS, Spectre-BHB

Hello everyone! Let's take a look at Microsoft's September Patch Tuesday. This time it is quite compact. There were 63 CVEs released on Patch Tuesday day. If we add the vulnerabilities released between August and September Patch Tuesdays as usual, they were in Microsoft Edge, the final number is 90...

CVSS 1.9 | AI score 0.9 | EPSS 0.75711
Exploits: 14

Information Security Automation
added 2022/09/16 10:20 p.m., 24 views

Scanvus – my open source Vulnerability Scanner for Linux hosts and Docker images

Hello everyone! This video was recorded for the VMconf 22 Vulnerability Management conference, vmconf.pw. I will be talking about my open source project Scanvus. This project is already a year old and I use it almost every day. Alternative video link for Russia: Scanvus Simple Credentialed...

AI score 7.5
Exploits: 0

Information Security Automation
added 2022/08/23 12:0 a.m., 363 views

Microsoft Patch Tuesday August 2022: DogWalk, Exchange EOPs, 13 potentially dangerous, 2 funny, 3 mysterious vulnerabilities

Hello everyone! In this episode, let's take a look at the Microsoft Patch Tuesday August 2022 vulnerabilities. I use my Vulristics vulnerability prioritization tool as usual. I take comments for vulnerabilities from Tenable, Qualys, Rapid7, ZDI and Kaspersky blog posts. Also, as usual, I take into...

CVSS 9.3 | AI score 0.3 | EPSS 0.9981
Exploits: 190

Information Security Automation
added 2022/08/14 11:30 a.m., 185 views

Vulnerability Management news and publications #2

Hello everyone! This is the second episode of Vulnerability Management news and publications. In fact, this is a collection of my posts from the avleonovcom and avleonovrus telegram channels. Therefore, if you want to read them earlier, subscribe to these channels. The main idea of this episode...

CVSS 10 | AI score 9.5 | EPSS 0.99999
Exploits: 154

Information Security Automation
added 2022/07/23 8:34 a.m., 365 views

Microsoft Patch Tuesday July 2022: propaganda report, CSRSS EoP, RPC RCE, Edge, Azure Site Recovery

Hello everyone! Microsoft has been acting weird lately. I mean the recent publication of a propaganda report about evil Russians and how Microsoft is involved in the conflict between countries. It wouldn't be unusual for a US government agency, NSA or CIA to publish such a report. But when a globa...

CVSS 7.2 | AI score 9.6 | EPSS 0.70461
Exploits: 2

Information Security Automation
added 2022/07/06 12:13 p.m., 78 views

Vulnerability Management news and publications #1

Hello everyone! In this episode, I will try to revive Security News with a focus on Vulnerability Management. On the one hand, creating such reviews requires free time, which could be spent more wisely, for example, on open source projects or original research. On the other hand, there are...

CVSS 7.5 | AI score 9.7 | EPSS 0.99999
Exploits: 225

Information Security Automation
added 2022/06/25 12:32 p.m., 79 views

Microsoft Patch Tuesday June 2022: Follina RCE, NFSV4.1 RCE, LDAP RCEs and bad patches

Hello everyone! This will be an episode about the Microsoft vulnerabilities that were released on June Patch Tuesday and also between May and June Patch Tuesdays. Alternative video link for Russia: On June Patch Tuesday, June 14, 56 vulnerabilities were released. Between May and June Patch...

CVSS 10 | AI score 9.3 | EPSS 0.99374
Exploits: 67

Information Security Automation
added 2022/06/13 8:43 p.m., 54 views

Vulners Linux Audit API: Security Bulletin Publication Dates in Results

Hello everyone! In this short episode, I want to talk about the new feature in Vulners Linux API. Alternative video link for Russia: Linux security bulletin publication dates are now included in scan results. Why is it useful? A few words why this Linux Audit API is needed. You collect a list of...

CVSS 4.6 | AI score 6.5 | EPSS 0.00365
Exploits: 0

Information Security Automation
added 2022/06/11 12:46 a.m., 124 views

PHDays 11: towards the Independence Era

Hello everyone! In this episode, I want to talk about the Positive Hack Days 11 conference, which took place on May 18 and 19 in Moscow. As usual, I want to express my personal opinion about this event. Alternative video link for Russia: As I did last year, I want to start talking about this...

CVSS 6.8 | EPSS 0.96843
Exploits: 38

Information Security Automation
added 2022/06/04 10:18 a.m., 26 views

AM Live Vulnerability Management Conference 2022: my impressions and position

Hello everyone! This episode will be about the AM Live Vulnerability Management online conference. I participated in it on May 17th. Alternative video link for Russia: The event lasted 2 hours. Repeating everything that has been said is difficult and makes little sense. Those who want can watch t...

AI score 7
Exploits: 0

Information Security Automation
added 2022/05/26 9:21 p.m., 2535 views

Microsoft Patch Tuesday May 2022: Edge RCE, PetitPotam LSA Spoofing, bad patches

Hello everyone! This episode will be about Microsoft Patch Tuesday for May 2022. Sorry for the delay, this month has been quite intense. As usual, I'm using my Vulristics project and going through not only the vulnerabilities that were presented on May 10th, but all the MS vulnerabilities presente...

CVSS 9.3 | AI score 0.5 | EPSS 0.83277
Exploits: 17

Information Security Automation
added 2022/05/23 8:56 p.m., 58 views

Vulristics May 2022 Update: CVSS redefinitions and bulk adding Microsoft products from MS CVE data

Hello everyone! In this episode, I want to talk about the latest updates to my open source vulnerability prioritization project Vulristics. Alternative video link for Russia: CVSS redefinitions A fairly common problem: we have a CVE without an available CVSS vector and score. For example, this wa...

AI score 8.9 | EPSS 0.1372
Exploits: 2

Information Security Automation
added 2022/05/10 9:28 p.m., 16 views

Malicious Open Source: the cost of using someone else’s code

Hello everyone! This video was recorded for the VMconf 22 Vulnerability Management conference, vmconf.pw. I will be talking about malicious open source and the cost of using someone else's code. Alternative video link for Russia: Video in Russian from CISO Forum 2022: To be honest, at the beginnin...

AI score 7.4
Exploits: 0

Information Security Automation
added 2022/04/23 9:22 a.m., 205 views

Microsoft Patch Tuesday April 2022 and custom CVE comments sources in Vulristics

Hello everyone! This episode will be about Microsoft Patch Tuesday for April 2022 and new improvements in my Vulristics project. I decided to add more comment sources. Because it's not just Tenable, Qualys, Rapid7 and ZDI that make Microsoft Patch Tuesday reviews, but also other security companies and...

CVSS 10 | AI score 9.2 | EPSS 0.91316
Exploits: 24

Information Security Automation
added 2022/04/16 11:6 p.m., 27 views

CISO Forum 2022: the first major Russian security conference in the New Reality

Hello everyone! After a two-year break, I took part in Moscow CISO Forum 2022 with a small talk "Malicious open source: the cost of using someone else's code". Alternative video link for Russia: CISO Forum is the first major Russian conference since the beginning of The New Reality of Information...

AI score 7
Exploits: 0

Information Security Automation
added 2022/04/04 4:42 p.m., 36 views

Gitlab OmniAuth Static Passwords and stored XSS

Hello everyone! In this episode, let's take a look at the latest vulnerabilities in Gitlab. On March 31, the Critical Security Release for GitLab Community Edition (CE) and Enterprise Edition (EE) was released. GitLab recommends that all installations running a version affected by the issues described...

CVSS 7.5 | AI score 7.7 | EPSS 0.87369
Exploits: 6

Information Security Automation
added 2022/04/03 12:15 a.m., 315 views

Spring4Shell, Spring Cloud Function RCE and Spring Cloud Gateway Code Injection

Hello everyone! This episode will be about last week's high-profile vulnerabilities in Spring. Let's figure out what happened. Alternative video link for Russia: Of course, it's amazing how fragmented the software development world has become. Now there are so many technologies, programming language...

CVSS 7.5 | AI score 9.7 | EPSS 0.99939
Exploits: 186

Information Security Automation
added 2022/03/27 11:20 a.m., 15 views

How to remove sensitive information from a Github repository

Hello everyone! In this episode, I would like to talk about Github and how to remove sensitive information that was accidentally uploaded there. Alternative video link for Russia: This is a fairly common problem. When publishing the project code on Github, developers forget to remove credentials:...

AI score 7.4
Exploits: 0

Information Security Automation
added 2022/03/14 5:33 p.m., 221 views

Microsoft Patch Tuesday March 2022

Hello everyone! I am glad to greet you from the most sanctioned country in the world. Despite all the difficulties, we carry on. I even have some time to release new episodes. This time it will be about Microsoft Patch Tuesday for March 2022. Alternative video link for Russia: I do the analysis a...

CVSS 7.2 | AI score 0.3 | EPSS 0.40789
Exploits: 3

Information Security Automation
added 2022/02/28 8:52 p.m., 413 views

Microsoft Patch Tuesday February 2022

Hello everyone! This episode will be about Microsoft Patch Tuesday for February 2022. I release it pretty late, because of my previous big episode about the blindspots in the Knowledge Bases of Vulnerability Scanners. Please take a look if you haven't seen it. Well, if you are even slightly...

CVSS 9.3 | AI score 8.4 | EPSS 0.53655
Exploits: 5

Information Security Automation
added 2022/02/18 5:0 p.m., 68 views

VMconf 22: Blindspots in the Knowledge Bases of Vulnerability Scanners

Hello everyone! This video was recorded for the VMconf22 Vulnerability Management conference. I want to talk about the blind spots in the knowledge bases of Vulnerability Scanners and Vulnerability Management products. This report was presented in Russian at Tenable Security Day 2022. The video i...

CVSS 5 | AI score 7.6 | EPSS 0.23061
Exploits: 4

Information Security Automation
added 2022/01/21 6:57 p.m., 17 views

End of CentOS Linux. Where to migrate?

Hello everyone! As you probably know, CentOS Linux, the main Enterprise-level Linux server distribution, will soon disappear. It wasn't hard to predict when RedHat acquired CentOS in 2014, and now it is actually happening. End of life of CentOS Linux 8 was 31.12.2021. There won't be CentOS Linux as...

AI score 7.1
Exploits: 0

Information Security Automation
added 2022/01/16 8:17 p.m., 104 views

Microsoft Patch Tuesday January 2022

Hello everyone! This episode will be about Microsoft Patch Tuesday for January 2022. Traditionally, I will use my open source Vulristics tool for analysis. This time I didn't make any changes to how connectors work. The report generation worked correctly on the first try. python3.8 vulristics.py...

CVSS 10 | AI score 1.7 | EPSS 0.9279
Exploits: 28

Information Security Automation
added 2022/01/08 12:28 a.m., 19 views

VMconf 22: Why Didn’t It Work As Planned and What’s Next?

Hello everyone! In this episode, I want to talk about VMconf 22. It was an experiment from the beginning. Is it possible to host a Vulnerability Management event with little effort and budget? Looks like no. So I would like to talk about why the original idea failed and the future of VMconf. The...

AI score 7.1
Exploits: 0

Information Security Automation
added 2021/12/26 10:7 p.m., 255 views

Log4j “Log4Shell” RCE explained (CVE-2021-44228)

Hello everyone! I decided to make a separate episode about Log4Shell. Of course, there have already been many reviews of this vulnerability. But I do it primarily for myself. It seems to me that serious problems with Log4j and similar libraries will be with us for a long time. Therefore, it would...

CVSS 9.3 | AI score 0.1 | EPSS 0.99999
Exploits: 353

Information Security Automation
added 2021/12/16 8:53 p.m., 130 views

Microsoft Patch Tuesday December 2021

Hello everyone! It's even strange to talk about other vulnerabilities, while everyone is so focused on vulnerabilities in log4j. But life doesn't stop. Other vulnerabilities appear every day. And of course, there are many critical ones among them that require immediate patching. This episode will b...

CVSS 7.5 | AI score 1.3 | EPSS 0.11963
Exploits: 1

Information Security Automation
added 2021/12/12 11:51 p.m., 267 views

Vulnerability Intelligence based on media hype. It works? Grafana LFI and Log4j “Log4Shell” RCE

Hello everyone! In this episode, I want to talk about vulnerabilities, news and hype. The easiest way to get timely information on the most important vulnerabilities is to just read the news regularly, right? Well, I will try to reflect on this using two examples from last week. I have a security...

CVSS 9.3 | AI score 10 | EPSS 0.99999
Exploits: 393

Information Security Automation
added 2021/12/06 3:27 p.m., 402 views

QSC21, VMDR Training and Exam

Hello everyone! On the one hand, because of the pandemic, we have become more distant from each other. We work mostly remotely from home. Traveling to a conference in another country has become much more difficult than it used to be. Now it is not only expensive. It has become much more difficult...

AI score 0.1
Exploits: 0

Information Security Automation
added 2021/11/30 8:30 p.m., 178 views

Vulristics Command Line Interface, improved Product & Vuln. Type Detections and Microsoft Patch Tuesday November 2021

Hello everyone! In this episode I want to highlight the latest changes in my Vulristics project. For those who don't know, this is a utility for prioritizing CVE vulnerabilities based on data from various sources. Currently Microsoft, NVD, Vulners, AttackerKB. Command Line Interface I started...

CVSS 7.1 | AI score 8.2 | EPSS 0.90388
Exploits: 10

Information Security Automation
added 2021/11/01 12:19 a.m., 19 views

VMconf 22 Vulnerability Management conference: Call For Papers started

Hello everyone! This episode will be about the VMconf 22 Vulnerability Management conference. CFP started on November 1, which will last a month and a half. So please submit your talk or share this video with someone who might be interested. Let's talk about the conference itself. All started with...

AI score 7
Exploits: 0

Information Security Automation
added 2021/10/21 12:23 a.m., 182 views

Security News: Microsoft Patch Tuesday October 2021, Autodiscover, MysterySnail, Exchange, DNS, Apache, HAProxy, VMware vCenter, Moodle

Hello everyone! This episode will be about relatively recent critical vulnerabilities. Let's start with Microsoft Patch Tuesday for October 2021. Specifically, with the vulnerability that I expected there, but it didn't get there. Autodiscover leak discovered by Guardicore Labs "Autodiscover, a...

CVSS 7.5 | AI score 0.6 | EPSS 0.99999
Exploits: 175

Information Security Automation
added 2021/10/08 7:36 a.m., 37 views

Career Navigator talk for IT Hub College

Last week I gave a "Career Navigator" talk for the students of the IT Hub College in Moscow. By the way, this college has a very interesting practical information security program. If it is relevant for you, check it out. I've never talked so much about myself in public. It was like giving advice...

AI score 7
Exploits: 0

Information Security Automation
added 2021/09/18 11:22 p.m., 224 views

Security News: Microsoft Patch Tuesday September 2021, OMIGOD, MSHTML RCE, Confluence RCE, Ghostscript RCE, FORCEDENTRY Pegasus

Hello everyone! This time, let's talk about recent vulnerabilities. I'll start with Microsoft Patch Tuesday for September 2021. I created a report using my Vulristics tool. You can see the full report here. The most interesting thing about the September Patch Tuesday is that the top 3 VM vendors...

CVSS 7.5 | EPSS 0.99999
Exploits: 107

Information Security Automation
added 2021/09/13 10:38 p.m., 65 views

Microsoft Defender for Endpoint: The Latest Versions of Antivirus Engine & Signatures

In a previous episode on Microsoft Defender for Endpoint, I described how to get a list of antivirus engine and signatures versions for the hosts in your infrastructure using the Microsoft Graph API. But the problem remains. You know the versions that are currently installed on the hosts. But whe...

AI score 6.6
Exploits: 0

Information Security Automation
added 2021/08/31 11:16 p.m., 248 views

Security News: Exchange ProxyShell, Zoom RCE, Citrix Canceled PT Acknowledgments, Cisco No Patch Router RCEs

Hello everyone! This is a new episode with my comments on the latest Information Security news. Exchange ProxyShell I want to start with something about attacks on Exchange. ProxyShell is in the news, the LockFile ransomware compromised more than 2000 servers. On the other hand, there is basicall...

CVSS 10 | AI score 9.9 | EPSS 0.99999
Exploits: 70

Total number of security vulnerabilities: 389