Vulnerabilities and exploits

The report contains statistics on vulnerabilities and exploits, with an analysis of interesting vulnerabilities found in Q2 2024.

We studied data from the internet and Kaspersky internal sources to find out how and why people use indirect prompt injection.

We performed the security analysis of a Telit Cinterion modem in course of a bigger project of security assessment of a popular model of a truck and found eight vulnerabilities.

The report analyzes the security properties of a popular biometric access control terminal made by ZKTeco and describes vulnerabilities found in it.

This is the first part of the research, devoted to null session vulnerability, unauthorized MS-RPC interface and domain user enumeration.

In April 2024, while researching CVE-2023-36033, we discovered another zero-day elevation-of-privilege vulnerability, which was assigned CVE-2024-30051 identifier and patched on May, 14 as part of Microsoft’s patch Tuesday. We have seen it exploited by QakBot and other malware.

The report provides vulnerability and exploit statistics, key trends, and analysis of interesting vulnerabilities discovered in Q1 2024.

In this report, we highlight the key points about a class of recently-patched elevation-of-privilege vulnerabilities affecting Microsoft Windows, and then focus on how to check if any of them have been exploited or if there have been any attempts to exploit them.

Our Security assessment team set up rankings that reflected our take on the most widespread and critical web application vulnerabilities as viewed through a prism of eight years’ experience.

Security research into an AI robot for kids revealed several vulnerabilities enabling a cybercriminal to take over device control and to video-chat with the kid.

This is part five of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year.

This is part four of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year.

This is the third part of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year.

We had never seen so many CLFS driver exploits being used in active attacks before, and then suddenly there are so many of them captured in just one year. Is there something wrong with the CLFS driver? Are all these vulnerabilities similar? These questions encouraged me to take a closer look at the CLFS driver and its vulnerabilities.

This is the second part of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year.