Clik here to view.
Vulnerability Spotlight: Remote code execution vulnerability in Microsoft Excel
Marcin “Icewall” Noga of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw.Cisco Talos recently discovered a remote code execution vulnerability in Microsoft Excel. Microsoft disclosed...
View ArticleClik here to view.
Vulnerability Spotlight: Remote code execution vulnerability in Microsoft...
Marcin Noga of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw.Microsoft Media Foundation’s framework contains a remote code execution vulnerability that exists due to a use-after-free...
View ArticleClik here to view.
Microsoft Patch Tuesday — Nov. 2019: Vulnerability disclosures and Snort...
By Jon Munshaw.Microsoft released its monthly security update today, disclosing a variety of vulnerabilities in several of its products. The latest Patch Tuesday discloses 75 vulnerabilities, 13 of...
View ArticleClik here to view.
Vulnerability Spotlight: Denial-of-service vulnerability in Intel IGC64...
Piotr Bania of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw.Intel’s IGC64.dll graphics driver contains a denial-of-service vulnerability. An attacker could exploit this bug by...
View ArticleClik here to view.
Vulnerability Spotlight: Command injection bug in Exhibitor UI
Logan Sanderson of Cisco ASIG discovered this vulnerability. Blog by Jon Munshaw.Exhibitor Web UI contains an exploitable command injection vulnerability in its Config editor. Exhibitor is a ZooKeeper...
View ArticleClik here to view.
Hunting for LoLBins
By Vanja Svajcer.IntroductionAttackers' trends tend to come and go. But one popular technique we're seeing at this time is the use of living-off-the-land binaries — or "LoLBins". LoLBins are used by...
View ArticleClik here to view.
Custom dropper hide and seek
Executive summaryMost users assume they are safe when surfing the web on a daily basis. But information-stealing malware can operate in the background of infected systems, looking to steal users'...
View ArticleClik here to view.
Threat Source newsletter (Nov. 14, 2019)
Newsletter compiled by Jon Munshaw.Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week.It was all about the bugs this week. Patch...
View ArticleClik here to view.
How the new Talos IR Cyber Range can prepare your employees for a cyber attack
By Gerard Johansen, Charles Iszard and Luke DuCharme.With the surge of ransomware attacks, information leaks and other cyber attacks in the headlines, most companies and organizations are aware that...
View ArticleClik here to view.
Cryptominers, ransomware among top malware in IR engagements in Q4
By David Liebenberg and Kendall McKay.This summer’s most popular malware families were commonly seen, unsophisticated attacks, with phishing being the top infection vector, according to Cisco Talos...
View ArticleClik here to view.
Beers with Talos Ep. #66: I Choose YOU! Attackers view of targets, RLAs, scam...
By Mitch Neff.Beers with Talos (BWT) Podcast episode No. 66 is now available. Download this episode and subscribe to Beers with Talos:If iTunes and Google Play aren't your thing, click here.Recorded...
View ArticleClik here to view.
Vulnerability Spotlight: Two remote code execution vulnerabilities in Xcftools
Claudio Bozzato of Cisco Talos discovered these vulnerabilities. Xcftools contains two remote code execution vulnerabilities in its flattenIncrementally function. Xcftools is a set of tools for...
View ArticleClik here to view.
Vulnerability Spotlight: Tenda AC9 /goform/WanParameterSetting command...
Amit Raut of Cisco Talos discovered this vulnerability.Cisco Talos recently discovered a command injection vulnerability in the Tenda AC9 router. The Tenda AC9 is one of the most popular and affordable...
View ArticleClik here to view.
Threat Source newsletter (Nov. 21, 2019)
Newsletter compiled by Jon Munshaw.Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week.It’s nearly holiday shopping season, which...
View ArticleClik here to view.
Threat Roundup for November 15 to November 22
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Nov. 15 and Nov. 22. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead,...
View ArticleClik here to view.
Best practices for staying safe online during the holiday shopping season
By Jon Munshaw.This holiday shopping season, the basics of avoiding a malware infection boils down to: If it sounds too good to be true, it probably is.While sometimes retailers do give out...
View ArticleClik here to view.
Vulnerability Spotlight: Two vulnerabilities in EmbedThis GoAhead
A Cisco Talos researcher discovered these vulnerabilities. Blog by Jon Munshaw. EmbedThis’ GoAhead Web Server contains two vulnerabilities that both arise when the software attempts to process a...
View ArticleClik here to view.
Vulnerability Spotlight: Accusoft ImageGear PNG IHDR width code execution...
Marcin Noga of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw.Accusoft ImageGear contains two remote code execution vulnerabilities. ImageGear is a document and imaging library from...
View ArticleClik here to view.
Vulnerability Spotlight: SQL injection vulnerabilities in Forma Learning...
Yuri Kramarz of Security Advisory EMEAR discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered three SQL injection vulnerabilities in the authenticated portion of the...
View ArticleClik here to view.
ClamAV team shows off new Mussels dependency build automation tool
By Micah Snyder.Today I'm very excited, and a little bit nervous, to unveil Mussels. Mussels is a cross-platform, general-purpose dependency build automation tool. You might compare it with Vcpkg,...
View Article