VMconf 22: Why Didn’t It Work As Planned and What’s Next? Hello everyone! In this episode, I want to talk about VMconf 22. It was an experiment from the beginning. Is it possible to host a Vulnerability Management event with little effort and budget? Looks like no. So I would like to talk about why the original idea failed and the future of VMconf.
The initial idea was to create a website, announce the launch of the CFP in social networks and everything else will happen automatically. People will apply and all that remains is to choose the best talks and manage the stream of the event. Well, no, not really.
Log4j “Log4Shell” RCE explained (CVE-2021-44228). Hello everyone! I decided to make a separate episode about Log4Shell. Of course, there have already been many reviews of this vulnerability. But I do it primarily for myself. It seems to me that serious problems with Log4j and similar libraries will be with us for a long time. Therefore, it would be interesting to document how it all began. So what is the root cause of Log4Shell?
Logs
Generally speaking, the IT infrastructure of any company deals with streams of input data. From user requests to a corporate website to integration with banking APIs and cloud services. A lot of data gets into the infrastructure of the company, is transferred from system to system, periodically getting into the logs. These logs are required to verify that the systems are functioning correctly.
Microsoft Patch Tuesday December 2021. Hello everyone! It’s even strange to talk about other vulnerabilities, while everyone is so focused on vulnerabilities in log4j. But life doesn’t stop. Other vulnerabilities appear every day. And of course, there are many critical ones among them that require immediate patching. This episode will be about Microsoft Patch Tuesday for December 2021.
I will traditionally use my open source Vulristics tool for analysis.
Vulnerability Intelligence based on media hype. It works? Grafana LFI and Log4j “Log4Shell” RCE. Hello everyone! In this episode, I want to talk about vulnerabilities, news and hype. The easiest way to get timely information on the most important vulnerabilities is to just read the news regularly, right? Well, I will try to reflect on this using two examples from last week.
I have a security news telegram channel https://t.me/avleonovnews that is automatically updated by a script using many RSS feeds. And the script even highlights the news associated with vulnerabilities, exploits and attacks.
QSC21, VMDR Training and Exam. Hello everyone! On the one hand, because of the pandemic, we have become more distant from each other. We work mostly remotely from home. Traveling to a conference in another country has become much more difficult than it used to be. Now it is not only expensive. It has become much more difficult to obtain visas, there are restrictions related to vaccines, tests, quarantines, etc. And sometimes the borders are simply closed and it is impossible to get there.
On the other hand, we have become paradoxically closer to each other. Conferences have become much more online-oriented. And the main event of Qualys, QSC 21 Las Vegas, is now available to everyone with no delays or restrictions. This year, I not only watched the show, but also took VMDR training, passed the exam and received a certificate. I want to talk about this in this episode.
Conference
I will only state the main idea. Of course the way I understood it. Chris Krebs, former director of the Cybersecurity and Infrastructure Security Agency (CISA), btw not related to a security blogger Brian Krebs, started the conference by talking about attacks. There will only be more of them, and it will be more difficult to mitigate these attacks. Of course, if companies could be protected with prohibitive measures, that would be fine. But the problem is that in order for a company to be competitive, it must build the “permissive environment”. Especially in our COVID times.
Vulristics Command Line Interface, improved Product & Vuln. Type Detections and Microsoft Patch Tuesday November 2021. Hello everyone! In this episode I want to highlight the latest changes in my Vulristics project. For those who don’t know, this is a utility for prioritizing CVE vulnerabilities based on data from various sources.. Currently Microsoft, NVD, Vulners, AttackerKB.
Command Line Interface
I started working on the CLI for Vulristics. Of course, it is not normal to edit scripts every time to release a report.
VMconf 22 Vulnerability Management conference: Call For Papers started. Hello everyone! This episode will be about the VMconf 22 Vulnerability Management conference. CFP started on November 1, which will last a month and a half. So please submit your talk or share this video with someone who might be interested.
Let’s talk about the conference itself. All started with a post in my Telegram channel. I have looked at the listings of cybersecurity conferences and have not seen a global event dedicated entirely to Vulnerability Management.
Specialized conferences are mainly about SOC, DLP, AntiFraud, cryptography. Conferences with broad topics are aimed mainly at C-level executives or hardcore offensive specialists. Conferences are usually very regional. Of course, there are events organized by VM vendors, but their marketing goals are clear and there are usually no CFPs (Calls For Papers) at these events. In our COVID times, it has become much more difficult to attend offline events due to various restrictions.
So, it would be great to have our own independent international online Vulnerability Management event. From the community (in a very broad, global sense) and for the community. For interesting content and development of horizontal connections between people, not for marketing. And we will do it.
This is my personal blog. The opinions expressed here are my own and not of my employer. All product names, logos, and brands are property of their respective owners. All company, product and service names used here for identification purposes only. Use of these names, logos, and brands does not imply endorsement. You can freely use materials of this site, but it would be nice if you place a link on https://avleonov.com and send message about it at me@avleonov.com or contact me any other way.
