Lucene search
K
TalosblogRecent

2033 matches found

Talos Blog
Talos Blog
added 2020/09/15 10:30 a.m.19 views

Vulnerability Spotlight: Multiple vulnerabilities in Nitro Pro PDF reader

Cisco Talos researchers discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered multiple code execution vulnerabilities in the Nitro Pro PDF reader. Nitro PDF allows users to save, read, sign and edit PDFs on their computers. The software contains vulnerabilities th...

2.8AI score
Exploits0
Talos Blog
Talos Blog
added 2020/09/14 12:16 p.m.55 views

Vulnerability Spotlight: Memory corruption in Google PDFium

Aleksandar Nikolic of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Google Chrome's PDFium feature could be exploited by an adversary to corrupt memory and potentially execute remote code. Chrome is a popular, free web browser available on all operating systems. PDFium allows...

2.8AI score
Exploits0
Talos Blog
Talos Blog
added 2020/09/11 12:13 p.m.14 views

Threat Roundup for September 4 to September 11

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Sept. 4 and Sept. 11. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristic...

0.9AI score
Exploits0
Talos Blog
Talos Blog
added 2020/09/10 11:0 a.m.15 views

Threat Source newsletter for Sept. 10, 2020

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. In our continued research on election security, we have a new video roundtable discussion up on our YouTube page. In this Q&A-style format, I ask our researchers questions about the work they’ve done researching disinformation aka...

1.4AI score
Exploits0
Talos Blog
Talos Blog
added 2020/09/09 7:30 a.m.23 views

Roundtable video: Disinformation and election security

By Jon Munshaw. In our continued coverage of election security, we decided to sit down with four Talos and Cisco researchers to discuss disinformation. As we outlined in our recent research paper, disinformation is one of the cornerstones of threat actors' efforts to disrupt the American election...

2AI score
Exploits0
Talos Blog
Talos Blog
added 2020/09/09 5:53 a.m.24 views

Vulnerability Spotlight: Privilege escalation in Windows 10 CLFS driver

Marcin “Icewall” Noga of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered a privilege escalation vulnerability in the Windows 10 Common Log File System. CLFS is a general-purpose logging service that can be used by software clients running in user-mo...

2.1AI score
Exploits0
Talos Blog
Talos Blog
added 2020/09/08 1:27 p.m.10 views

Microsoft Patch Tuesday for Sept. 2020 — Snort rules and prominent vulnerabilities

By Jon Munshaw. Microsoft released its monthly security update Tuesday, disclosing more than 120 vulnerabilities across its array of products. Twenty-three of the vulnerabilities are considered “critical" while the vast remainder are ranked as “important.” Users of all Microsoft and Windows...

1.2AI score
Exploits0
Talos Blog
Talos Blog
added 2020/09/04 3:17 p.m.12 views

Threat Roundup for August 28 to September 4

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Aug. 28 and Sept. 4. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics...

0.8AI score
Exploits0
Talos Blog
Talos Blog
added 2020/09/03 11:0 a.m.13 views

Threat Source newsletter for Sept. 3, 2020

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. We recently uncovered a series of email campaigns utilizing links to malicious documents hosted on legitimate file-sharing platforms to spread malware. The campaigns distributed various malware payloads including Gozi ISFB, ZLoade...

2.2AI score
Exploits0
Talos Blog
Talos Blog
added 2020/09/03 8:6 a.m.16 views

Salfram: Robbing the place without removing your name tag

By Holger Unterbrink and Edmund Brumaghin. Threat summary Cisco Talos recently uncovered a series of email campaigns utilizing links to malicious documents hosted on legitimate file-sharing platforms to spread malware.The campaigns distributed various malware payloads including Gozi ISFB, ZLoader...

1.5AI score
Exploits0
Talos Blog
Talos Blog
added 2020/09/02 11:17 a.m.14 views

Quarterly Report: Incident Response trends in Summer 2020

By David Liebenberg and Caitlin Huey. For the fifth quarter in a row, Cisco Talos Incident Response CTIR observed ransomware dominating the threat landscape. Infections involved a wide variety of malware families including Ryuk, Maze, LockBit, and Netwalker, among others. In a continuation of...

1.7AI score
Exploits0
Talos Blog
Talos Blog
added 2020/09/02 7:11 a.m.17 views

Better email classification, courtesy of you

Cisco customers with Email Security Appliances ESA or Cloud Email Security CES accounts already know the benefits of Cisco’s email filtering. Every day, millions of malicious emails are automatically sent to the trash bin. Cisco encourages customers to participate in honing those filters by...

0.9AI score
Exploits0
Talos Blog
Talos Blog
added 2020/09/01 11:58 a.m.11 views

Beers with Talos ep. #91: Get the FUD out

Beers with Talos BWT Podcast episode No. 91 is now available. Download this episode and subscribe to Beers with Talos:Apple Podcasts Google PodcastsSpotify StitcherIf iTunes and Google Play aren't your thing, click here. By Mitch Neff. Recorded Aug. 14, 2020 Let’s talk about FUD. It’s not enough ...

0.5AI score
Exploits0
Talos Blog
Talos Blog
added 2020/09/01 11:49 a.m.18 views

Vulnerability Spotlight: Code execution, memory corruption vulnerabilities in Accusoft ImageGear

Emmanuel Tacheau of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered two vulnerabilities in Accusoft ImageGear. The ImageGear library is a document-imaging developer toolkit to assist users with image conversion, creation, editing and more. There...

3.7AI score
Exploits0
Talos Blog
Talos Blog
added 2020/08/31 7:8 a.m.26 views

Vulnerability Spotlight: Multiple SQL, code injection vulnerabilities in OpenSIS

Yuri Kramarz and Yves Younan discovered these vulnerabilities. Blog by Jon Munshaw Cisco Talos researchers recently discovered multiple vulnerabilities in the OpenSIS software family. OpenSIS is a student information management system for K-12 students. It is available in commercial and open-sour...

1.5AI score
Exploits0
Talos Blog
Talos Blog
added 2020/08/27 12:44 p.m.15 views

Threat Roundup for August 21 to August 27

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Aug. 21 and Aug. 27. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics...

1.1AI score
Exploits0
Talos Blog
Talos Blog
added 2020/08/27 11:0 a.m.14 views

Threat Source newsletter for Aug. 27, 2020

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. As part of our continued look at election security ahead of the November election, we have another research paper out this week. This time, we’re taking a closer look at disinformation campaigns, popularly known as “fake news.” Th...

1.9AI score
Exploits0
Talos Blog
Talos Blog
added 2020/08/26 7:8 a.m.65 views

Vulnerability Spotlight: Remote code execution, privilege escalation bugs in Microsoft Azure Sphere

Claudio Bozzato, Lilith and Dave McDaniel of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos researchers recently discovered multiple vulnerabilities in Microsoft’s Azure Sphere, a cloud-connected and custom SoC platform designed specifically with IoT application...

1.1AI score
Exploits0
Talos Blog
Talos Blog
added 2020/08/26 6:11 a.m.13 views

What to expect when you're electing: The building blocks of disinformation campaigns

By Nick Biasini, Kendall McKay and Matt Valites. As Cisco Talos discovered during our four-year investigation into election security, securing elections is an extremely difficult, complex task. In the first paper in our election series, “What to expect when you’re electing,” Talos outlined how th...

2.4AI score
Exploits0
Talos Blog
Talos Blog
added 2020/08/24 7:44 a.m.23 views

Vulnerability Spotlight: Use-after-free vulnerability in Google Chrome WebGL could lead to code execution

Marcin Towalski of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. The Google Chrome web browser contains a use-after-free vulnerability in its WebGL component that could allow a user to execute arbitrary code in the context of the browser process. This vulnerability specifically...

1.4AI score
Exploits0
Talos Blog
Talos Blog
added 2020/08/21 2:15 p.m.12 views

Threat Roundup for August 14 to August 21

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Aug. 14 and Aug. 21. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics...

1.1AI score
Exploits0
Talos Blog
Talos Blog
added 2020/08/20 12:18 p.m.16 views

Vulnerability Spotlight: Internet Systems Consortium BIND server DoS

Emanuel Almeida of Cisco Systems discovered this vulnerability. Blog by Jon Munshaw. The Internet Systems Consortium’s BIND server contains a denial-of-service vulnerability that exists when processing TCP traffic through the libuv library. An attacker can exploit this vulnerability by flooding t...

1.8AI score
Exploits0
Talos Blog
Talos Blog
added 2020/08/20 11:0 a.m.17 views

Threat Source newsletter for Aug. 20, 2020

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. Hactivism always seems to cool and noble in the movies. Video games and TV shows have no shortage of their “hacker heroes,” too. But what are the real-world consequences of users who release sensitive information or carry out data...

2.6AI score
Exploits0
Talos Blog
Talos Blog
added 2020/08/17 12:13 p.m.13 views

Beers with Talos Ep. #90: Hacktivism – Understanding the real-world consequences

Beers with Talos BWT Podcast episode No. 90 is now available. Download this episode and subscribe to Beers with Talos:Apple Podcasts Google PodcastsSpotify StitcherIf iTunes and Google Play aren't your thing, click here. By Mitch Neff. Recorded July 31, 2020 This week in BWT land, we’re discussin...

1.8AI score
Exploits0
Talos Blog
Talos Blog
added 2020/08/17 12:6 p.m.25 views

Beers with Talos Ep. #89: What to do when you're the pwnd one

Beers with Talos BWT Podcast episode No. 89 is now available. Download this episode and subscribe to Beers with Talos:Apple Podcasts Google PodcastsSpotify StitcherIf iTunes and Google Play aren't your thing, click here. By Mitch Neff. Recorded July 17, 2020 The gang's all back this week, and we...

0.1AI score
Exploits0
Talos Blog
Talos Blog
added 2020/08/17 7:35 a.m.17 views

Attribution: A Puzzle

By Martin Lee, Paul Rascagneres and Vitor Ventura. Introduction The attribution of cyber attacks is hard. It requires collecting diverse intelligence, analyzing it and deciding who is responsible. Rarely does the evidence available to researchers reach a level of proof that would be acceptable in...

2.8AI score
Exploits0
Talos Blog
Talos Blog
added 2020/08/14 1:14 p.m.23 views

Threat Roundup for August 7 to August 14

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Aug. 7 and Aug. 14. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...

1.1AI score
Exploits0
Talos Blog
Talos Blog
added 2020/08/13 11:46 a.m.16 views

Threat Source newsletter for Aug. 13, 2020

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. It’s really tough to attribute cyber attacks. We know it. You know it. But why is that, exactly? And why do we want to attribute attacks so badly anyway? In our latest blog post, we look at why attribution is challenging, and what...

4AI score
Exploits0
Talos Blog
Talos Blog
added 2020/08/11 10:47 a.m.26 views

Microsoft Patch Tuesday for Aug. 2020 — Snort rules and prominent vulnerabilities

By Jon Munshaw. Microsoft released its monthly security update Tuesday, disclosing 120 vulnerabilities across its array of products. Sixteen of the vulnerabilities are considered “critical,” including one that Microsoft says is currently being exploited in the wild. Users of all Microsoft and...

1.1AI score
Exploits0
Talos Blog
Talos Blog
added 2020/08/10 11:32 a.m.15 views

Barbervisor: Journey developing a snapshot fuzzer with Intel VT-x

By Cory Duplantis. One of the ways vulnerability researchers find bugs is with fuzzing. At a high level, fuzzing is the process of generating and mutating random inputs for a given target to crash it. In 2017, I started developing a bare metal hypervisor for the purposes of snapshot fuzzing:...

0.9AI score
Exploits0
Talos Blog
Talos Blog
added 2020/08/07 3:24 p.m.10 views

Threat Roundup for July 31 to August 7

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between July 31 and Aug. 7. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...

0.9AI score
Exploits0
Talos Blog
Talos Blog
added 2020/08/06 11:0 a.m.15 views

Threat Source newsletter for Aug. 6, 2020

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. We spend a lot of time talking about what you should do to keep your data safe, and how other organizations should be prepared for the worst. But what happens if the worst happens to you? In the latest Beers with Talos episode, we...

1.4AI score
Exploits0
Talos Blog
Talos Blog
added 2020/08/06 7:11 a.m.35 views

Vulnerability Spotlight: Microsoft issues security update for Azure Sphere

Claudio Bozzato, Lilith and Dave McDaniel of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos researchers recently discovered seven vulnerabilities in Microsoft’s Azure Sphere, a cloud-connected SoC platform designed specifically with IoT application security in mind...

1.2AI score
Exploits0
Talos Blog
Talos Blog
added 2020/08/05 1:56 p.m.12 views

Threat Roundup for July 17 to July 24

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between July 17 and July 24. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics...

0.9AI score
Exploits0
Talos Blog
Talos Blog
added 2020/08/05 1:55 p.m.17 views

Threat Roundup for July 24 to July 31

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between July 24 and July 31. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics...

0.9AI score
Exploits0
Talos Blog
Talos Blog
added 2020/08/05 1:28 p.m.26 views

Vulnerability Spotlight: Two vulnerabilities in SoftPerfect RAM Disk

A Cisco Talos researcher discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos researchers recently discovered that a specific driver in the SoftPerfect RAM disk could allow an adversary to delete files on an arbitrary basis and disclose sensitive information. SoftPerfect RAM Disk is a...

2.5AI score
Exploits0
Talos Blog
Talos Blog
added 2020/08/05 2:53 a.m.38 views

Prometei botnet and its quest for Monero

By Vanja Svajcer. NEWS SUMMARYWe are used to ransomware attacks and big-game hunting making the headlines, but there are still methods adversaries use to monetize their efforts in less intrusive ways.Cisco Talos recently discovered a cryptocurrency-mining botnet attack we're calling "Prometei"...

2.3AI score
Exploits0
Talos Blog
Talos Blog
added 2020/07/30 11:0 a.m.20 views

Threat Source newsletter for July 30, 2020

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. Adversaries love to use headlines as part of their spam campaigns. From COVID-19, to Black Lives Matter and even Black Friday every year, the bad guys are wanting to capitalize on current events. Why is this the case, and when do...

1.6AI score
Exploits0
Talos Blog
Talos Blog
added 2020/07/29 8:21 a.m.21 views

Adversarial use of current events as lures

By Nick Biasini. The goal of malicious activity is to compromise the system to install some unauthorized software. Increasingly that goal is tied to one thing: the user. Over the past several years, we as an industry improved exploit mitigation and the value of working exploits has increased...

2.6AI score
Exploits0
Talos Blog
Talos Blog
added 2020/07/28 9:0 a.m.23 views

Vulnerability Spotlight: Multiple vulnerabilities in RemoteFX affects, AMD, Intel chips

Piotr Bania of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered multiple vulnerabilities in Intel’s Graphics Accelerator Driver and in an AMD Radeon driver. The Intel driver was released in 2019 and is used in multiple Intel integrated and...

1.1AI score
Exploits0
Talos Blog
Talos Blog
added 2020/07/23 11:0 a.m.18 views

Threat Source newsletter for July 23, 2020

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. While ransomware attacks continue to hog all the headlines, cryptocurrency miners are still running the background, sapping computing power from unsuspecting victims. We have what we believe is the first documentation of a new...

1.7AI score
Exploits0
Talos Blog
Talos Blog
added 2020/07/22 7:6 a.m.20 views

Beers with Talos Ep. #88: It’s not about the vote, it’s about trust

Beers with Talos BWT Podcast episode No. 88 is now available. Download this episode and subscribe to Beers with Talos:Apple Podcasts Google PodcastsSpotify StitcherIf iTunes and Google Play aren't your thing, click here. By Mitch Neff. Recorded July 7, 2020 Nigel is out this week, but we have a...

0.8AI score
Exploits0
Talos Blog
Talos Blog
added 2020/07/22 6:59 a.m.33 views

Beers with Talos Ep. #87: Happy 3rd birthday BWT — It’s story time!

Beers with Talos BWT Podcast episode No. 87 is now available. Download this episode and subscribe to Beers with Talos:Apple Podcasts Google PodcastsSpotify StitcherIf iTunes and Google Play aren't your thing, click here. By Mitch Neff. Recorded June 24, 2020 Has it been three years already? We ha...

7.2AI score
Exploits0
Talos Blog
Talos Blog
added 2020/07/17 2:26 p.m.34 views

Threat Roundup for July 10 to July 17

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between July 10 and July 17. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics...

0.9AI score
Exploits0
Talos Blog
Talos Blog
added 2020/07/16 11:0 a.m.15 views

Threat Source newsletter for July 16, 2020

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. If you haven’t already, we highly recommend you read our in-depth research paper on election security. This paper represents four years of hands-on research, interviews and insight into how things have changed since 2016, and what...

1.2AI score
Exploits0
Talos Blog
Talos Blog
added 2020/07/16 7:7 a.m.16 views

What to expect when you’re electing: Talos’ 2020 election security primer

By Jon Munshaw and Matt Olney. After the 2016 General Election, the talk was all around foreign meddling. Rumors swirled that some votes may have been changed or influenced by state-sponsored actors. Sanctions and accusations followed. Four years later, is the U.S. any more prepared to protect th...

1.6AI score
Exploits0
Talos Blog
Talos Blog
added 2020/07/14 1:5 p.m.13 views

Microsoft Patch Tuesday for July 2020 — Snort rules and prominent vulnerabilities

By Jon Munshaw. Microsoft released its monthly security update Tuesday, disclosing more than 120 vulnerabilities across its array of products. While only a few vulnerabilities are considered critical, users of all Microsoft and Windows products are urged to update their software as soon as possib...

1.3AI score
Exploits0
Talos Blog
Talos Blog
added 2020/07/10 10:43 a.m.16 views

Threat Roundup for July 3 to July 10

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between July 3 and July 10. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...

0.9AI score
Exploits0
Talos Blog
Talos Blog
added 2020/07/10 8:52 a.m.21 views

Vulnerability Spotlight: SQL injection vulnerability in Glacies IceHRM

Yuri Kramarz of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos researchers recently discovered that the Glacies' IceHRM software contains a vulnerability that could allow an adversary to inject SQL. IceHRM is a human resource management tool, allowing users to create...

0.8AI score
Exploits0
Talos Blog
Talos Blog
added 2020/07/08 7:12 a.m.29 views

WastedLocker Goes "Big-Game Hunting" in 2020

By Ben Baker, Edmund Brumaghin, JJ Cummings and Arnaud Zobec. Threat summary After initially compromising corporate networks, the attacker behind WastedLocker performs privilege escalation and lateral movement prior to activating ransomware and demanding ransom payment.The use of "dual-use" tools...

1.9AI score
Exploits0
Total number of security vulnerabilities2033