📄 HEUR.Backdoor.Win32.Poison.gen DLL Hijacking

This code implements an advanced WININET.dll proxy via DLL hijacking that is designed as a defensive countermeasure against malware such as HEUR.Backdoor.Win32.Poison.gen. The malware family Poison loads a 32‑bit WININET.dll from its current directory, which enables execution flow hijacking MITRE...

Deserialization of Untrusted Data

Overview rasa-pro is a State-of-the-art open-core Conversational AI framework for Enterprises that natively leverages generative AI for effortless assistant development. Affected versions of this package are vulnerable to Deserialization of Untrusted Data by loading a maliciously crafted model in...

Release Information for Veeam Backup for Nutanix AHV 6.1

This update has been superseded by Veeam Backup for Nutanix AHV 7.0, which was released alongside and supports only Veeam Backup & Replication 12.3. Requirements To upgrade to Veeam Backup for Nutanix AHV 6.1, download the installer below and run it on the Veeam Backup & Replication server that...

Threat Roundup for September 22 to September 29

Today, Talos is publishing a glimpse into the most prevalent threats weve observed between Sept. 22 and Sept. 29. As with previous roundups, this post isnt meant to be an in-depth analysis. Instead, this post will summarize the threats weve observed by highlighting key behavioral characteristics,...

Description of the security update for Microsoft Exchange Server 2019: June 13, 2023 (KB5026261)

Description of the security update for Microsoft Exchange Server 2019: June 13, 2023 KB5026261 This security update rollup resolves vulnerabilities in Microsoft Exchange Server. To learn more about these vulnerabilities, see the following Common Vulnerabilities and Exposures CVE: CVE-2023-28310 -...

Threat Roundup for May 19 to May 26

Today, Talos is publishing a glimpse into the most prevalent threats weve observed between May 19 and May 26. As with previous roundups, this post isnt meant to be an in-depth analysis. Instead, this post will summarize the threats weve observed by highlighting key behavioral characteristics,...

Threat Roundup for May 5 to May 12

Today, Talos is publishing a glimpse into the most prevalent threats weve observed between May 5 and May 12. As with previous roundups, this post isnt meant to be an in-depth analysis. Instead, this post will summarize the threats weve observed by highlighting key behavioral characteristics,...

Threat Roundup for April 14 to April 21

Today, Talos is publishing a glimpse into the most prevalent threats weve observed between April 14 and April 21. As with previous roundups, this post isnt meant to be an in-depth analysis. Instead, this post will summarize the threats weve observed by highlighting key behavioral characteristics,...

Threat Roundup for September 9 to September 16

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Sept. 9 and Sept. 16. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristic...

Ioccheck - A Tool For Simplifying The Process Of Researching IOCs

A tool for simplifying the process of researching file hashes, IP addresses, and other indicators of compromise IOCs. Features Look up hashes across multiple threat intelligence services, from a single command or a few lines of Python. Currenty supports the following services: VirusTotal...

Threat Roundup for October 4 to October 11

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Oct. 4 and Oct. 11. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...

Threat Roundup for September 27 to October 4

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Sept. 27 and Oct. 4. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics...

Threat Roundup for August 9 to August 16

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Aug. 9 and Aug. 16. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...

Threat Roundup for July 5 to July 12

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between July 5 and July 12. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...

Machinae v1.4.8 - Security Intelligence Collector

Machinae is a tool for collecting intelligence from public sites/feeds about various security-related pieces of data: IP addresses, domain names, URLs, email addresses, file hashes, and SSL fingerprints. It was inspired by Automater, another excellent tool for collecting information. The Machinae...

Threat Roundup for Feb. 15 to Feb. 22

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Feb. 15 and Feb. 22. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics...

Doppelganger - Python Script To Scan Duplicate Copies In A Given Directory

Doppelganger is a python script to scan duplicate copies in a given directory. This tool compare not only file names, but also file hashes to ensure no false search results. Features Find duplicate music Find duplicate videos Find duplicate pictures Find duplicate documents How doppelganger searc...

Threat Roundup for Oct. 26 to Nov. 2

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Oct. 26 and Nov. 02. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics...

Threat Roundup for October 5 to October 12

Today, as we do every week, Talos is giving you a glimpse into the most prevalent threats we’ve observed this week — covering the dates between Oct. 5 and 12. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, we will summarize the threats we’ve observed by...

Threat Roundup for September 14 to September 21

Today, as we do every week, Talos is giving you a glimpse into the most prevalent threats we’ve observed this week — covering the dates between Sept. 14 and 21. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, we will summarize the threats we’ve observed by...