Tag Archives: PositiveTechnologies

Statistics on 2024 trending vulnerabilities were featured in the OIC-CERT annual report

Statistics on 2024 trending vulnerabilities were featured in the OIC-CERT annual report. 🎉

🔹 The Organisation of Islamic Cooperation (OIC) is the largest and most influential official intergovernmental Muslim international organization. It currently unites 57 countries with a population of about 2 billion people. Russia is also a member of the OIC as an observer.

🔹 OIC-CERT is a computer incident response team and a subsidiary of the OIC. It brings together national CERTs from 27 countries, as well as 8 commercial organizations, including Positive Technologies.

➡️ The statistics on 2024 trending vulnerabilities that I prepared were published in the section highlighting Positive Technologies’ results (report size: 67.49 MB, p.229).

I’m glad my work contributed to promoting PT ESC and Positive Technologies among national CERTs and key decision-makers! 😉

На русском

August “In the Trend of VM” (#18): vulnerabilities in Microsoft Windows and SharePoint

Leave a reply

August “In the Trend of VM” (#18): vulnerabilities in Microsoft Windows and SharePoint. A traditional monthly roundup – this time, it’s extremely short.

🗞 Post on Habr (rus)
🗒 Digest on the PT website (rus)

Only two trending vulnerabilities:

🔻 Remote Code Execution – Microsoft SharePoint Server “ToolShell” (CVE-2025-53770). The vulnerability is being widely exploited; attackers may even have gained access to U.S. nuclear secrets. The vulnerability is also relevant for Russia.
🔻 Elevation of Privilege – Windows Update Service (CVE-2025-48799). The vulnerability affects Windows 10/11 installations with at least two hard drives.

На русском

July “In the Trend of VM” (#17): vulnerabilities in Microsoft Windows and Roundcube

Leave a reply

July “In the Trend of VM” (#17): vulnerabilities in Microsoft Windows and Roundcube. A traditional monthly roundup. This time, it’s a very short one. 🙂

🗞 Post on Habr (rus)
🗒 Digest on the PT website (rus)

Only three trending vulnerabilities:

🔻 Remote Code Execution – Internet Shortcut Files (CVE-2025-33053)
🔻 Elevation of Privilege – Windows SMB Client (CVE-2025-33073)
🔻 Remote Code Execution – Roundcube (CVE-2025-49113)

На русском

June “In the Trend of VM” (#16): vulnerabilities in Microsoft Windows, Apache HTTP Server, the web interfaces of MDaemon and Zimbra, and the 7-Zip archiver

Leave a reply

June “In the Trend of VM” (#16): vulnerabilities in Microsoft Windows, Apache HTTP Server, the web interfaces of MDaemon and Zimbra, and the 7-Zip archiver. A traditional monthly vulnerability roundup. 🙂

🗞 Post on Habr (rus)
🗒 Digest on the PT website (rus)

A total of 7 trending vulnerabilities:

🔻 Elevation of Privilege – Microsoft DWM Core Library (CVE-2025-30400)
🔻 Elevation of Privilege – Windows Common Log File System Driver (CVE-2025-32701, CVE-2025-32706)
🔻 Remote Code Execution & Arbitrary File Reading – Apache HTTP Server (CVE-2024-38475)
🔻 Cross Site Scripting – MDaemon Email Server (CVE-2024-11182)
🔻 Cross Site Scripting – Zimbra Collaboration (CVE-2024-27443)
🔻 Remote Code Execution – 7-Zip (BDU:2025-01793)

На русском

Impressions from PHDays Fest

Leave a reply

Impressions from PHDays Fest. 🏟

🔹 The scale was just insane. You walk and walk – and there’s action everywhere, and all of it is PHDays, every bit of it. 👀 It totally blew my mind, I saw just a tiny fraction of everything that was going on. 🤯🙂

🔹 In the public area, I was impressed by the university pavilions – BMSTU, HSE, MSU, ITMO, and Polytech. I see a lot of potential here for smaller activities, like alumni talks. I’ll try to be part of something like that next year. 😇

🔹 In the ticketed-access exhibition area, I mostly hung out at Security Vision booth. Great folks – I learned a lot about their VM product; will share insights soon. 😉

🔹 As for my own talk – everything was really well organized. 👍 Huge thanks to everyone who came and asked questions! 🙏🔥

🔹 I caught other talks in bits and pieces – planning to watch the full recordings later.

Thanks to the organizers! It was awesome! See you next year! 🎉🙂

На русском

May “In the Trend of VM” (#15): vulnerabilities in Microsoft Windows and the Erlang/OTP framework

Leave a reply

May “In the Trend of VM” (#15): vulnerabilities in Microsoft Windows and the Erlang/OTP framework. A traditional monthly vulnerability roundup. 🙂

🗞 Post on Habr (rus)
🗒 Digest on the PT website (rus)

A total of 4 trending vulnerabilities:

🔻 Elevation of Privilege – Windows Common Log File System Driver (CVE-2025-29824)
🔻 Elevation of Privilege – Windows Process Activation (CVE-2025-21204)
🔻 Spoofing – Windows NTLM (CVE-2025-24054)
🔻 Remote Code Execution – Erlang/OTP (CVE-2025-32433)

На русском

I’m done preparing the slides for my talk about Vulristics at PHDays

Leave a reply

I’m done preparing the slides for my talk about Vulristics at PHDays. 😇 I’ll be speaking on the last day of the festival – Saturday, May 24, at 16:00 in Popov Hall 25. If you’re there at that time, I’d be glad to see you. If not – join online! 😉

I’ll have an hour to dive into Vulristics, vulnerability analysis & prioritization. 🤩 I’ll walk through the Vulristics report structure, typical tasks (like analyzing Microsoft Patch Tuesday, Linux Patch Wednesday, individual trending CVEs, and vulnerability sets), how the work with data sources is organized, the challenges of accurately detecting vulnerability types and vulnerable products. Finally, I’ll discuss Vulristics integration into pipelines. Feel free to use the code – Vulristics is MIT-licensed. 🆓

➡️ Talk on the PHDays website – you can download the .ics calendar file there 😉
⏰ May 24, 2025, 16:00 (MSK)
📍 Luzhniki, Popov Hall 25

На русском

This is my personal blog. The opinions expressed here are my own and not of my employer. All product names, logos, and brands are property of their respective owners. All company, product and service names used here for identification purposes only. Use of these names, logos, and brands does not imply endorsement. You can freely use materials of this site, but it would be nice if you place a link on https://avleonov.com and send message about it at me@avleonov.com or contact me any other way.

Alexander V. Leonov

Vulnerability Management and more

Tag Archives: PositiveTechnologies

Statistics on 2024 trending vulnerabilities were featured in the OIC-CERT annual report

August “In the Trend of VM” (#18): vulnerabilities in Microsoft Windows and SharePoint

July “In the Trend of VM” (#17): vulnerabilities in Microsoft Windows and Roundcube

June “In the Trend of VM” (#16): vulnerabilities in Microsoft Windows, Apache HTTP Server, the web interfaces of MDaemon and Zimbra, and the 7-Zip archiver

Impressions from PHDays Fest

May “In the Trend of VM” (#15): vulnerabilities in Microsoft Windows and the Erlang/OTP framework

I’m done preparing the slides for my talk about Vulristics at PHDays