Year in Malware 2018: The most prominent threats Talos tracked this year
It was easy to see a wild year coming in cybersecurity. It started with a bang, with Olympic Destroyer targeting the Winter Olympics in February in an attempt to disrupt the opening ceremonies. Things...
Submissions for talks at the 2019 Talos Threat Research Summit are now open
When Cisco Talos launched the first ever Talos Threat Research Summit last year, we never could have anticipated how popular it would be. Tickets sold out quickly, and our inaugural Talos-backed...
Threat Roundup for Dec. 14 to Dec. 21
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Dec. 14 and Dec. 21. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead,...
Vulnerability Spotlight: Multiple privilege escalation vulnerabilities in...
Vulnerability Spotlight: Multiple Apple IntelHD5000 privilege escalation...
Tyler Bohan of Cisco Talos discovered this vulnerability. Executive Summary: A memory corruption vulnerability exists in the IntelHD5000 kernel extension when dealing with graphics resources inside of...
Microsoft Patch Tuesday — January 2019: Vulnerability disclosures and Snort...
Microsoft released its monthly security update today, disclosing a variety of vulnerabilities in several of its products. The latest Patch Tuesday covers 49 vulnerabilities, seven of which are rated...
Why we want users' feedback on Snort rule documentation
Today, Talos is launching a new community survey to solicit feedback on SNORT® documentation. When Snort alerts the end user, the rule documentation is their first and possibly only avenue to find...
Pylocky Unlocked: Cisco Talos releases PyLocky ransomware decryptor
This tool was developed by Mike Bautista. PyLocky is a family of ransomware written in Python that attempts to masquerade as a Locky variant. This ransomware will encrypt all files on a victim machine...
Vulnerability Deep Dive: TP-Link TL-R600VPN remote code execution...
Vulnerability discovery and research by Jared Rittle and Carl Hurd of Cisco Talos. Introduction: TP-Link recently patched three vulnerabilities in their TL-R600VPN gigabit broadband VPN router, firmware...
Emotet re-emerges after the holidays
While Emotet has been around for many years and is one of the most well-known pieces of malware in the wild, that doesn't mean attackers don't try to freshen it up. Cisco Talos recently discovered...
Dynamic Data Resolver (DDR) - IDA Plugin
This blog post was authored by Holger Unterbrink. Executive Summary: Static reverse-engineering in IDA can often be problematic. Certain values are calculated at run time, which makes it difficult to...
Beers with Talos EP44: Fun with 2018’s Worst and Talks We Want to Hear
Beers with Talos (BWT) Podcast Ep. #44 is now available. Download this episode and subscribe to Beers with Talos: If iTunes and Google Play aren't your thing, click here. Ep. #44 show notes: Recorded...
Cisco Talos' new reputation dispute system
We know users have been waiting for this feature for a while, and we are here to say: It’s ready. Cisco Talos’ new reputation system rolled out Jan. 14 on TalosIntelligence.com. We have been working...
What we learned by unpacking a recent wave of Imminent RAT infections using AMP
This blog post was authored by Chris Marczewski. Cisco Talos has been tracking a series of Imminent RAT infections for the past two months following reported data from Cisco Advanced Malware Protection's...
Threat Roundup for Jan. 11 to Jan. 18
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Jan. 11 and Jan. 18. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead,...
Beers with Talos Ep. #45: SoHo attacks, IoT devices, and the cesspool setting
Beers with Talos (BWT) Podcast Ep. #45 is now available. Download this episode and subscribe to Beers with Talos: If iTunes and Google Play aren't your thing, click here. Ep. #45 show notes: Recorded...
Cisco AMP tracks new campaign that delivers Ursnif
This blog post was authored by John Arneson of Cisco Talos. Executive Summary: Cisco Talos once again spotted the Ursnif malware in the wild. We tracked this information stealer after Cisco's Advanced...
Threat Roundup for Jan. 18 to Jan. 25
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Jan. 18 and Jan. 25. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead,...
Vulnerability Spotlight: Multiple WIBU SYSTEMS WibuKey vulnerabilities
Marcin "Icewall" Noga of Cisco Talos discovered these vulnerabilities. Executive Summary: Cisco Talos discovered two vulnerabilities that could allow remote code execution and memory disclosure at the...
Vulnerability Spotlight: Python.org certificate parsing denial-of-service
Colin Read and Nicolas Edet of Cisco Talos discovered these vulnerabilities. Executive summary: Python.org contains an exploitable denial-of-service vulnerability in its X509 certificate parser. A...