2017 has been an exciting time for discovering security vulnerabilities. Some hold your company's assets to ransom. Others can be career-ending. So I thought I would compile a list to keep track.
Remember, there are still 2 more months till the end of the year!
- TeamViewer (2 or 3?) 20170218 https://www.reddit.com/r/teamviewer/comments/5us6th/has_teamviewer_12_been_hacked/
- Apache Struts2 Jakarta Multipart Parser File Upload Code Execution 20170309 https://www.theregister.co.uk/2017/03/09/apache_under_attack_patch_for_zero_day_available/
- WannaCry 20170512 https://en.wikipedia.org/wiki/WannaCry_ransomware_attack This comes with love from NSA’s EternalBlue exploit.
- Petya / NotPetya 20170627 https://en.wikipedia.org/wiki/Petya_(malware)
- BlueBorne Bluetooth 20170912 https://www.armis.com/blueborne/
- Apache Struts RCE 20170912 http://hehackernews.com/2017/09/equifax-apache-struts.html This is the one that got Equifax in the short and curlies.
- KRACK (Key Reinstallation Attack) 20171016 https://en.wikipedia.org/wiki/KRACK