Vulnerability Spotlight: Multiple Foscam C1 Vulnerabilities Come in to Focus
Executive Summary: The Foscam C1 is a webcam that is marketed for use in a variety of applications including home security monitoring. As an indoor webcam, it is designed to be set up inside of a...
Delphi Used To Score Against Palestine
This blog was authored by Paul Rascagneres and Warren Mercer with contributions from Emmanuel Tacheau, Vanja Svajcer and Martin Lee. Executive Summary: Talos continuously monitors malicious emails...
Talos Targets Disinformation with Fake News Challenge Victory
This post was authored by Sean Baird with contributions by Doug Sibley and Yuxi Pan. Executive Summary: For the past several months, the problem of “fake news” has been abuzz in news headlines, tweets, and...
Player 1 Limps Back Into the Ring - Hello again, Locky!
This post was authored by Alex Chiu, Warren Mercer, and Jaeson Schultz. Sean Baird and Matthew Molyett contributed to this post. Back in May, the Necurs spam botnet jettisoned Locky ransomware in favor...
Vulnerability Spotlight: Multiple Vulnerabilities in InsideSecure MatrixSSL
These vulnerabilities were discovered by Aleksandar Nikolic of Cisco Talos. Overview: MatrixSSL is a TLS/SSL stack offered in the form of a Software Development Kit (SDK) that is geared towards application...
Threat Round-up for June 16 - June 23
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between June 16 and June 23. As with previous round-ups, this post isn't meant to be an in-depth analysis. Instead,...
New Ransomware Variant "Nyetya" Compromises Systems Worldwide
Note: This blog post discusses active research by Talos into a new threat. This information should be considered preliminary and will be updated throughout the day. Update 2017-06-27 6:00pm EDT: Updated...
Vulnerability Spotlight: Dell Precision Optimizer and Invincea Vulnerabilities
Vulnerabilities discovered by Marcin ‘Icewall’ Noga of Cisco Talos. Overview: Talos are releasing advisories for vulnerabilities in the Dell Precision Optimizer application service software, Invincea-X...
The MeDoc Connection
This Post Authored by David Maynor, Aleksandar Nikolic, Matt Olney, and Yves Younan. Summary: The Nyetya attack was a destructive ransomware variant that affected many organizations inside of Ukraine and...
New KONNI Campaign References North Korean Missile Capabilities
This blog was authored by Paul Rascagneres. Executive Summary: We recently wrote about the KONNI Remote Access Trojan (RAT) which has been distributed by a small number of campaigns over the past 3 years....
Vulnerability Spotlight: TALOS-2017-0311,0319,0321 - Multiple Remote Code...
Vulnerability discovered by Marcin Noga, Lilith Wyatt and Aleksandar Nikolic of Cisco Talos. Overview: Talos has discovered multiple vulnerabilities in the freedesktop.org Poppler PDF library. Exploiting...
Threat Round-up for June 30 - July 07
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between June 30 and July 07. As with previous round-ups, this post isn't meant to be an in-depth analysis. Instead,...
Attack on Critical Infrastructure Leverages Template Injection
Contributors: Sean Baird, Earl Carter, Erick Galinkin, Christopher Marczewski & Joe Marshall. Executive Summary: Attackers are continually trying to find new ways to target users with malware sent...
Vulnerability Spotlight: Iceni Infix PDF Editor Memory Corruption
Today, Talos is disclosing a vulnerability that has been identified in Iceni Infix PDF Editor that could lead to arbitrary code execution on affected hosts. This vulnerability manifests in a way that...
Microsoft Patch Tuesday - July 2017
Today, Microsoft has released their monthly set of security updates designed to address vulnerabilities. This month's release addresses 54 vulnerabilities with 19 of them rated critical, 32 rated...
Memcached - A Story of Failed Patching & Vulnerable Servers
This blog authored by Aleksandar Nikolich and David Maynor with contributions from Nick Biasini. Memcached - Not secure, Not Patched Fast Enough: Recently high profile vulnerabilities in systems were used...
PyREBox, a Python Scriptable Reverse Engineering Sandbox
This post was authored by Xabier Ugarte Pedrero. In Talos, we are continuously trying to improve our research and threat intelligence capabilities. As a consequence, we not only leverage standard tools...
Unravelling .NET with the Help of WinDBG
This blog was authored by Paul Rascagneres and Warren Mercer. Introduction: .NET is an increasingly important component of the Microsoft ecosystem providing a shared framework for interoperability between...
Vulnerabilities in ProcessMaker, WebFOCUS, and OpenFire Identified and Patched
Today, Talos is disclosing several vulnerabilities that have been identified by Portcullis in various software products. All four vulnerabilities have been responsibly disclosed to each respective...
Vulnerability Spotlight: Multiple Vulnerabilities in CorelDRAW X8
Today, Talos is disclosing several vulnerabilities that have been identified in CorelDRAW X8. CorelDRAW X8 is a graphics suite used for manipulating raster and vector images and is a common alternative...