На прошлой неделе произошло сразу три интересных события в сфере информационной безопасности: была закрыта эксплуатируемая уязвимость в Whatsapp, для критической уязвимости в Windows выпустили патчи даже для неподдерживаемых версий ОС, а в процессорах Intel нашли еще одну Spectre-подобную
Two zero-day vulnerabilities per week from Microsoft, update for popular tools, stories about ransomware and blue team like red to fight with evil. Vulnerabilities: Microsoft patched zero-day which detected in the wil! Tools: Upd for one of the most famous red team tools News: Have you ever hear about vulnerability in malware? Research: Elastic team … Continue reading Two zero-day vulnerabilities per week, update for popular tools and stories about ransomware →
A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of SRTCP packets sent to a target phone number. The issue affects WhatsApp for Android prior to v2.19.134, WhatsApp Business for Android prior to v2.19.44, WhatsApp for iOS prior to v2.19.51, WhatsApp Business for iOS prior to v2.19.51, WhatsApp for Windows Phone prior to v2.18.348, and WhatsApp for Tizen prior to v2.18.15.
There are no zero-day vulnerabilities or new headliners in this digest. But there are new tool updates and different news + research. Vulnerabilities: No zero-day, only emergency update for Drupal and cPanel, couple exploits for routers; Tools: Update powerfull intellegence tool and others; News: Tesla hacked! Next story about Sopra Steria and malware actions. Baidu … Continue reading Digest without zero-day, with malware and Tesla news → The post Digest without zero-day, with malware and Tesla