We are used to seeing sites where we can find vulnerabilities that affect applications, websites and in general any software or device we use. Issues that can allow intruders and compromise security and privacy. Now, can we find a place to see malware flaws? This is what a security researcher has done with his new project, MalVuln , where he collects all the vulnerabilities detected in malicious software.
MalVuln, a service to find bugs in malware
It has been created by security researcher John Page . MalVuln is a new portal with the idea that anyone can add vulnerabilities that they have detected in the malware. Faults that can allow or facilitate their elimination. A way for everyone to share knowledge.
The goal is none other than to combat malicious software . We already know that there are many threats that in one way or another could compromise our security. Many types of viruses that are present in all types of devices. This is a major problem, so we must always protect ourselves adequately.
Like legitimate programs, operating systems or devices that users use can have vulnerabilities, something similar happens in malware. Whenever there are bugs, there are bugs, security researchers in charge of finding a solution to combat a certain malicious software are going to have a greater chance of success.
If we analyze the MalVuln website, we find a portal similar to any other for disclosure of vulnerabilities. But of course, in this case there are no legitimate programs or any software that may have a bug and be exploited by an attacker. This time, what we are going to see is the name of the malware and the vulnerability described, with the technical details and the proof-of-concept exploit code. This way, any security researcher could use it.
MalVuln, pioneer in collecting malware bugs
According to its creator, John Page, MalVuln is the first site with this mission. It is the first platform on which we can see collected bugs that exist in malware. At the moment there are 45 registered vulnerabilities. Some of them are current threats, while others are old malware strains.
The appearance of the web is very simple. If we access its website we will find a site as we see in the image, with the different malware vulnerabilities that have been detected and made available to any user.
The idea is that the list will grow considerably. It is not just about bugs that the person in charge of the site finds, but the community itself contributes its discoveries. In this way, there will be more detected malicious software failures and a greater probability to be able to protect ourselves on the Internet.
Network security is a very important factor and must be present at all times. Having security software, such as an antivirus, is essential. But so is having the latest system updates, as well as common sense and not making mistakes. We leave you an article where we explain the differences between security in the network and cloud.
