Clik here to view.
Vulnerability Walkthrough: 7zip CVE-2016-2334 HFS+ Code Execution Vulnerability
This blog post was authored by Marcin Noga of Cisco Talos.IntroductionIn 2016 Talos released an advisory for CVE-2016-2334, which was a remote code execution vulnerability affecting certain versions of...
View ArticleClik here to view.
Recam Redux - DeConfusing ConfuserEx
This post is authored by Holger Unterbrink and Christopher MarczewskiOverviewThis report shows how to deobfuscate a custom .NET ConfuserEx protected malware. We identified this recent malware campaign...
View ArticleClik here to view.
The Mutiny Fuzzing Framework and Decept Proxy
This blog post is authored by James Spadaro of Cisco ASIG and Lilith Wyatt of Cisco Talos.Imagine a scenario where you, as a vulnerability researcher, are tasked with auditing a network application to...
View ArticleClik here to view.
Vulnerability Spotlight: TALOS-2017-0393 / CVE-2017-2886 - ACDSee Ultimate 10...
Vulnerability discovered by Piotr Bania of Cisco Talos.OverviewTalos has discovered a remote code execution vulnerability in the ACDSee Ultimate 10 application from ACD Systems International Inc....
View ArticleClik here to view.
Threat Round Up for Dec 01 - Dec 08
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between December 01 and December 08. As with previous round-ups, this post isn't meant to be an in-depth analysis....
View ArticleClik here to view.
Microsoft Patch Tuesday - December 2017
Today, Microsoft has released its monthly set of security advisories for vulnerabilities that have been identified and addressed in various products. This month's advisory release addresses 34 new...
View ArticleClik here to view.
Beers with Talos EP 18: Kitties in My Blockchain, Obfuscating Pronunciations,...
Beers with Talos (BWT) Podcast Episode 18 is now available. Download this episode and subscribe to Beers with Talos:If iTunes and Google Play aren't your thing: www.talosintelligence.com/podcastEP18...
View ArticleClik here to view.
Virus Bulletin Publication And Presentation
Virus Bulletin conference is a well regarded intimate technical conference focused on malware research. It provides a good balance between listening to technical talks and spending time exchanging...
View ArticleClik here to view.
Vulnerability Spotlight: VMWare VNC Vulnerabilities
Today, Talos is disclosing a pair of vulnerabilities in the VNC implementation used in VMWare's products that could result in code execution. VMWare implements VNC for its remote management, remote...
View ArticleClik here to view.
Beers with Talos EP 19: The "Best" of BWT
Beers with Talos (BWT) Podcast Episode 19 is now available. Download this episode and subscribe to Beers with Talos:If iTunes and Google Play aren't your thing: www.talosintelligence.com/podcastEP19...
View ArticleClik here to view.
Tutorial: Mutiny Fuzzing Framework and Decept Proxy
Here's a basic demo video for our new opensource tools, Decept and Mutiny. Happy New Year <(^_^)> ~ LilithRecently, Talos released new tools to assist in the monumental task of finding...
View ArticleClik here to view.
Not So Crystal Clear - Zeus Variant Spoils Ukrainian Holiday
This post was authored by Edmund Brumaghin with contributions from Ben Baker, Dave Maynor and Matthew Molyett.Introduction Talos has observed a cyber attack which was launched using the official...
View ArticleClik here to view.
Threat Round Up for December 29 - January 5
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between December 29 and January 05. As with previous round-ups, this post isn't meant to be an in-depth analysis....
View ArticleClik here to view.
Meltdown and Spectre
Cisco Talos is aware of three new vulnerabilities impacting Intel, AMD, Qualcomm and ARM processors used by almost all computers. We are investigating these issues and although we have not observed...
View ArticleClik here to view.
Vulnerability Spotlight: Multiple Vulnerabilities in the CPP and Parity...
Vulnerabilities discovered by Marcin Noga of Cisco Talos.OverviewTalos is disclosing the presence of multiple vulnerabilities in the CPP and the Parity Ethereum clients.TALOS-2017-0503 / CVE-2017-14457...
View ArticleClik here to view.
Microsoft Patch Tuesday - January 2018
Today Microsoft has released its monthly set of security advisories for vulnerabilities that have been identified and addressed in various products. This month's advisory release addresses 56 new...
View ArticleClik here to view.
Vulnerability Spotlight: Ruby Rails Gem XSS Vulnerabilities
Vulnerabilities discovered by Zachary Sanchez of Cisco ASIGOverviewTalos has discovered two XSS vulnerabilities in Ruby Rails Gems. Rails is a Ruby framework designed to create web services or web...
View ArticleClik here to view.
Vulnerability Spotlight: Multiple Unpatched Vulnerabilities in Blender...
Technology has evolved in incredible ways that has helped people to create and visualize media like never before. Today, people can use tools such as Blender to visualize, model, and animate 3D...
View ArticleClik here to view.
Threat Round Up for January 5 - 12
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between January 05 and January 12. As with previous round-ups, this post isn't meant to be an in-depth analysis....
View ArticleClik here to view.
Korea In The Crosshairs
This blog post is authored by Warren Mercer and Paul Rascagneres and with contributions from Jungsoo An.A one year review of campaigns performed by an actor with multiple campaigns mainly linked to...
View Article