Threat Round-up for July 14 - July 21
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between July 14 and July 21. As with previous round-ups, this post isn't meant to be an in-depth analysis. Instead,...
Vulnerability Spotlight: FreeRDP Multiple Vulnerabilities
Vulnerabilities discovered by Tyler Bohan of Talos. Overview: Talos has discovered multiple vulnerabilities in the FreeRDP product. FreeRDP is a free implementation of the Remote Desktop Protocol (RDP)...
Vulnerability Spotlight: EZB Systems UltraISO ISO Parsing Code Execution...
Discovered by Piotr Bania of Cisco Talos. Today, Talos is releasing details of a new vulnerability discovered within the EZB Systems UltraISO ISO disk image creator software. TALOS-2017-0342...
Taking the FIRST look at Crypt0l0cker
This post is authored by Matthew Molyett. Executive Summary: In March, Talos reported on the details of Crypt0l0cker based on an extensive analysis I carried out on the sample binaries. Binaries -- plural...
Vulnerability Spotlight: Kakadu SDK Vulnerabilities
Vulnerabilities discovered by Aleksandar Nikolic and Tyler Bohan of Cisco Talos. Today, Talos is disclosing multiple vulnerabilities that have been identified in the Kakadu JPEG 2000 SDK. The...
Threat Round-up for July 28 - August 4
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between July 28 and August 04. As with previous round-ups, this post isn't meant to be an in-depth analysis. Instead,...
On Conveying Doubt
This post was authored by Matt Olney. Typically, Talos has the luxury of time when conducting research. We can carefully draft a report that clearly lays out the evidence and leads the reader to a clear...
Vulnerability Spotlight: Adobe Reader DC Parser Confusion
Parser vulnerabilities in common software packages such as Adobe Acrobat Reader pose a significant security risk to large portions of the internet. The fact that these software packages typically have...
Microsoft Patch Tuesday - August 2017
Microsoft has released its monthly set of security advisories for vulnerabilities that have been identified and addressed in various products. This month's advisory release addresses 48 new...
WinDBG and JavaScript Analysis
This blog was authored by Paul Rascagneres. Introduction: JavaScript is frequently used by malware authors to execute malicious code on Windows systems because it is powerful, natively available and...
When combining exploits for added effect goes wrong
Introduction: Since public disclosure in April 2017, CVE-2017-0199 has been frequently used within malicious Office documents. The vulnerability allows attackers to include Ole2Link objects within RTF...
Booters with Chinese Characteristics: The Rise of Chinese Online DDoS Platforms
This post was authored by Dave Liebenberg. In the past few months, Talos has observed an uptick in the number of Chinese websites offering online DDoS services. Many of these websites have a nearly...
Threat Round-up for Aug 11 - Aug 18
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between August 11 and August 18. As with previous round-ups, this post isn't meant to be an in-depth analysis....
Vulnerability Spotlight: Lexmark Perceptive Document Filters Code Execution Bugs
Overview: Talos is disclosing a pair of code execution vulnerabilities in Lexmark Perceptive Document Filters. Perceptive Document Filters are a series of libraries that are used to parse massive amounts...
Beers with Talos EP11 - This is How the World Ends, Not with a Whimper but...
Beers with Talos (BWT) Podcast Episode 11 is now available. Download this episode and subscribe to Beers with Talos: If iTunes and Google Play aren't your thing: www.talosintelligence.com/podcast Show...
Vulnerability Spotlight: Code Execution Vulnerability in LabVIEW
Vulnerability discovered by Cory Duplantis of Cisco Talos. Overview: LabVIEW is a system design and development platform released by National Instruments. The software is widely used to create...
Vulnerability Spotlight: Multiple Gdk-Pixbuf Vulnerabilities
Overview: Today, Talos is disclosing the discovery of two remote code execution vulnerabilities which have been identified in the Gdk-Pixbuf Toolkit. This toolkit is used in multiple desktop applications...
Back to Basics: Worm Defense in the Ransomware Age
This post was authored by Edmund Brumaghin. "Those who cannot remember the past are condemned to repeat it." - George Santayana. The Prequel: In March 2017, Microsoft released a security update for various...
Threat Round Up for Aug 25 - Sep 1
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between August 25 and September 1. As with previous round-ups, this post isn't meant to be an in-depth analysis....
Graftor - But I Never Asked for This…
This post is authored by Holger Unterbrink and Matthew Molyett. Overview: Free software often downloaded from large freeware distribution sites is a boon for the internet, providing users with...