No sign of reprieve from Ransomware attacks for companies leading into 2022

Supply chain attacks and software exploitations are set to continue next year, and remote or hybrid work may complicate cyber-preparedness,

Read more

Multiple vulnerabilities in Microsoft products

Connect
Hello! I'm Steve, an independent security researcher, and analyst from Scotland, UK.

I've had an avid interest in Computers, Technology and Security since my early teens. 20 years on, and, it's a whole lot more complicated...

I've assisted Governments, Individuals and Organizations throughout the world. Including; US DOJ, NHS UK, GOV UK.

I'll often reblog infosec-related articles that I find interesting. On the RiSec website, You'll also find a variety of write-ups, tutorials and much more!
Connect

November 12, 2020 DOCUMENT MANAGEMENT Reference CERTFR-2020-AVI-739Title Multiple vulnerabilities in Microsoft productsFirst version date November 12, 2020Latest version date November

Read more

SaltStack Salt REST API Arbitrary Command Execution Exploit

Date added 12-11-2020 This Metasploit module exploits an authentication bypass and command injection in SaltStack Salt’s REST API to execute

Read more

November 2020 Patch Tuesday: Microsoft fixes actively exploited Windows Kernel flaw

On this November 2020 Patch Tuesday: Microsoft has plugged 112 security holes, including an actively exploited one Adobe has delivered

Read more