Clik here to view.
Threat Round-up for Mar 31 - Apr 7
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between March 31 and April 7. As with previous round-ups, this post isn't meant to be an in-depth analysis. Instead,...
View ArticleClik here to view.
From Box to Backdoor: Discovering Just How Insecure an ICS Device is in Only...
This post was authored by Martin Lee and Warren Mercer, based on research conducted by Patrick DeSantis.Industrial Control Systems provide stability to civilization. They clean our water, deliver our...
View ArticleClik here to view.
Microsoft Patch Tuesday - April 2017
It’s that time again! Today we bring you April’s Microsoft Patch Tuesday information. These fixed vulnerabilities affect Outlook, Edge, Internet Explorer, Hyper-V, .NET, and Scripting Engine.Bulletins...
View ArticleClik here to view.
Cisco Coverage for CVE-2017-0199
Over the past week, information regarding a serious zero-day vulnerability (CVE-2017-0199) in Microsoft Office was publically disclosed. Since learning of this flaw, Talos has been actively...
View ArticleClik here to view.
Threat Round-up for Apr 7 - Apr 14
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between April 7 and April 14. As with previous round-ups, this post isn't meant to be an in-depth analysis. Instead,...
View ArticleClik here to view.
Cisco Coverage for Shadow Brokers 2017-04-14 Information Release
On Friday, April 14, the actor group identifying itself as the Shadow Brokers released new information containing exploits for vulnerabilities that affect various versions of Microsoft Windows as well...
View ArticleClik here to view.
Vulnerability Spotlight: Information Disclosure Vulnerability in Lexmark...
Discovered by Marcin 'Icewall' Noga of Cisco Talos.Talos are today releasing a new vulnerability discovered within the Lexmark Perceptive Document Filters library. TALOS-2017-0302 allows for...
View ArticleClik here to view.
Vulnerability Spotlight: ARM Mbedtls x509 ECDSA invalid public key Code...
Vulnerability Discovered by Aleksandar NikolicOverviewTalos is disclosing TALOS-2017-0274/CVE-2017-2784, a code execution vulnerability in ARM MbedTLS. This vulnerability is specifically related to how...
View ArticleClik here to view.
Threat Round-up for Apr 14 - Apr 21
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between April 14 and April 21. As with previous round-ups, this post isn't meant to be an in-depth analysis. Instead,...
View ArticleClik here to view.
Threat Spotlight: Mighty Morphin Malware Purveyors: Locky Returns Via Necurs
This post was authored by Nick BiasiniThroughout the majority of 2016, Locky was the dominant ransomware in the threat landscape. It was an early pioneer when it came to using scripting formats Windows...
View ArticleClik here to view.
Vulnerability Spotlight: Hard-coded Credential Flaw in Moxa ICS Wireless...
Earlier this month, Talos responsibly disclosed a set of vulnerabilities in Moxa ICS wireless access points. While most of the vulnerabilities were addressed in the previous set of advisories, Talos...
View ArticleClik here to view.
Vulnerability Spotlight: IrfanView Jpeg2000 Reference Tile width Arbitrary...
Discovered by Aleksandar Nikolic of Cisco TalosOverviewTalos is disclosing TALOS-2017-0310 / CVE-2017-2813, an arbitrary code execution vulnerability in the JP2 plugin for IrfanView image viewer....
View ArticleClik here to view.
Vulnerability Spotlight: Multiple Vulnerabilities in Zabbix
These vulnerabilities were discovered by Lilith Wyatt of Cisco ASIGSummaryZabbix is an enterprise monitoring solution that is designed to give organizations the ability to monitor the health and status...
View ArticleClik here to view.
Vulnerability Spotlight: Randombit Botan Library X509 Certificate Validation...
This vulnerability was discovered by Aleksandar Nikolic of Cisco Talos.OverviewTalos has discovered a vulnerability in the Randombit Botan library. A programming error exists in a way Botan library...
View ArticleClik here to view.
Threat Round-up for Apr 21 - Apr 28
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between April 21 and April 28. As with previous round-ups, this post isn't meant to be an in-depth analysis. Instead,...
View ArticleClik here to view.
KONNI: A Malware Under The Radar For Years
This blog was authored by Paul RascagneresExecutive SummaryTalos has discovered an unknown Remote Administration Tool that we believe has been in use for over 3 years. During this time it has managed...
View ArticleClik here to view.
Gmail Worm Requiring You To Give It A Push And Apparently You All Are Really...
This post authored by Sean Baird and Nick BiasiniAttackers are always looking for creative ways to send large amount of spam to victims. A short-lived, but widespread Google Drive themed phishing...
View ArticleClik here to view.
Vulnerability Spotlight: AntennaHouse DMC Library Arbitrary Code Execution Flaws
These vulnerabilities were discovered by Marcin 'Icewall' Noga of Talos.Today, Talos is disclosing several vulnerabilities that have been identified in the AntennaHouse DMC library which is used in...
View ArticleClik here to view.
Vulnerability Spotlight: Power Software PowerISO ISO Code Execution...
These vulnerabilities were discovered by Piotr Bania of Cisco Talos.Today, Talos is releasing details of a new vulnerability discovered within the Power Software PowerISO disk imaging software....
View ArticleClik here to view.
Vulnerability Spotlight: WolfSSL library X.509 Certificate Text Parsing Code...
Discovered by Aleksandar Nikolic of Cisco TalosOverviewTalos is disclosing TALOS-2017-0293 / CVE 2017-2800, a code execution vulnerability in WolfSSL. WolfSSL is a lightweight SSL/TLS library targeted...
View Article