Channel: Cisco Talos Blog

Threat Source newsletter for July 30, 2020

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. Adversaries love to use headlines as part of their spam campaigns. From COVID-19, to Black Lives Matter and even Black Friday every year, the bad guys are wanting to capitalize on current events. Why is this the case, and when do they decide to jump on headlines?  In our latest blog post, we look at this technique and examine the advantages and disadvantages of trying to leverage the biggest news.   Cyber...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Threat Roundup for July 24 to July 31

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between July 24 and July 31. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how our customers are automatically protected from these threats. As a reminder, the information provided for the following threats in this post is...

Vulnerability Spotlight: Microsoft issues security update for Azure Sphere

Claudio Bozzato, Lilith >_> and Dave McDaniel of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos researchers recently discovered seven vulnerabilities in Microsoft’s Azure Sphere, a cloud-connected SoC platform designed specifically with IoT application security in mind. The infrastructure around the Azure Sphere platform is Microsoft’s Azure Sphere cloud, which takes care of secure updates, app deployment, and periodically verifying the device integrity....

Beers with Talos Ep. #89: What to do when you're the pwnd one

Beers with Talos (BWT) Podcast episode No. 88 is now available. Download this episode and subscribe to Beers with Talos: Apple Podcasts, Google Podcasts, Spotify, Stitcher. If iTunes and Google Play aren't your thing, click here. By Mitch Neff. Recorded July 17, 2020. The gang's all back this week, and we take on what happens when you get pwnd, hacked, or your data is leaked. It happens to all of us eventually, one quick moment connecting to public WiFi, clicking on a bad...

Vulnerability Spotlight: Two vulnerabilities in SoftPerfect RAM Disk

A Cisco Talos researcher discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos researchers recently discovered that a specific driver in the SoftPerfect RAM disk could allow an adversary to delete files on an arbitrary basis and disclose sensitive information. SoftPerfect RAM Disk is a high-performance RAM disk application that allows the user to store a disk from their computer on the device’s space. An attacker could exploit this vulnerability to point to a specific filepath and...

Threat Source newsletter for Aug. 6, 2020

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers.  We spend a lot of time talking about what you should do to keep your data safe, and how other organizations should be prepared for the worst. But what happens if the worst happens to you?  In the latest Beers with Talos episode, we walk you through what to do if you’re the one who gets owned — even if it’s not your fault at all.  We also have the details out on several vulnerabilities in Microsoft Azure Sphere....

Threat Roundup for July 31 to August 7

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between July 31 and Aug. 7. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how our customers are automatically protected from these threats. As a reminder, the information provided for the following threats in this post is...

Barbervisor: Journey developing a snapshot fuzzer with Intel VT-x

By Cory Duplantis. One of the ways vulnerability researchers find bugs is with fuzzing. At a high level, fuzzing is the process of generating and mutating random inputs for a given target to crash it. In 2017, I started developing a bare metal hypervisor for the purposes of snapshot fuzzing: fuzzing small subsets of programs from a known, static starting state. This involved working on a custom kernel that could be booted on bare metal. Having not done any operating system development before,...

Microsoft Patch Tuesday for Aug. 2020 — Snort rules and prominent vulnerabilities

By Jon Munshaw.  Microsoft released its monthly security update Tuesday, disclosing 120 vulnerabilities across its array of products.  Sixteen of the vulnerabilities are considered “critical,” including one that Microsoft says is currently being exploited in the wild. Users of all Microsoft and Windows products are urged to update their software as soon as possible to avoid possible exploitation of all these bugs. The security updates cover several different products including...

Attribution: A Puzzle

By Martin Lee, Paul Rascagneres and Vitor Ventura.  Introduction The attribution of cyber attacks is hard. It requires collecting diverse intelligence, analyzing it and deciding who is responsible. Rarely does the evidence available to researchers reach a level of proof that would be acceptable in a court of law. Nevertheless, the private sector rises to the challenge to attempt to associate cyber attacks to threat actors using the intelligence available to them. This intelligence takes...

Threat Source newsletter for Aug. 13, 2020

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers.  It’s really tough to attribute cyber attacks. We know it. You know it. But why is that, exactly? And why do we want to attribute attacks so badly anyway? In our latest blog post, we look at why attribution is challenging, and what pitfalls private researchers and government agencies alike face.   If you haven’t already, you need to update your Microsoft products. Patch Tuesday was this week, and with it came...

Threat Roundup for August 7 to August 14

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Aug. 7 and Aug. 14. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how our customers are automatically protected from these threats. As a reminder, the information provided for the following threats in this post is...

Beers with Talos Ep. #90: Hacktivism – Understanding the real-world consequences

Beers with Talos (BWT) Podcast episode No. 90 is now available. Download this episode and subscribe to Beers with Talos: Apple Podcasts, Google Podcasts, Spotify, Stitcher. If iTunes and Google Play aren't your thing, click here. By Mitch Neff. Recorded July 31, 2020. This week in BWT land, we’re discussing hacktivism — from the unintended consequences to the tropes perpetuated by Hollywood. Regardless of the reason or cause, hacktivism often wields DDoS and web defacement...

Threat Source newsletter for Aug. 20, 2020

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. Hacktivism always seems so cool and noble in the movies. Video games and TV shows have no shortage of their “hacker heroes,” too. But what are the real-world consequences of users who release sensitive information or carry out data breaches in the name of their idea of good? That's what the newest Beers with Talos episode is all about. The crew also digs deeper into the ethical considerations of hacktivism,...

Vulnerability Spotlight: Internet Systems Consortium BIND server DoS

Emanuel Almeida of Cisco Systems discovered this vulnerability. Blog by Jon Munshaw. The Internet Systems Consortium’s BIND server contains a denial-of-service vulnerability that exists when processing TCP traffic through the libuv library. An attacker can exploit this vulnerability by flooding the TCP port and forcing the service to terminate. The BIND nameserver is considered the reference implementation of the Domain Name System of the internet. It is capable of being an authoritative name...

Threat Roundup for August 14 to August 21

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Aug. 14 and Aug. 21. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how our customers are automatically protected from these threats. As a reminder, the information provided for the following threats in this post is...

Vulnerability Spotlight: Use-after-free vulnerability in Google Chrome WebGL could lead to code execution

Marcin Towalski of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. The Google Chrome web browser contains a use-after-free vulnerability in its WebGL component that could allow a user to execute arbitrary code in the context of the browser process. This vulnerability specifically exists in ANGLE, a compatibility layer between OpenGL and Direct3D that Chrome uses on Windows systems. An adversary could manipulate the memory layout of the browser in a way that they could gain...

Vulnerability Spotlight: Remote code execution, privilege escalation bugs in Microsoft Azure Sphere

Claudio Bozzato, Lilith >_> and Dave McDaniel of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos researchers recently discovered multiple vulnerabilities in Microsoft’s Azure Sphere, a cloud-connected and custom SoC platform designed specifically with IoT application security in mind. Internally, the SoC is made up of a set of several ARM cores that have different roles (e.g. running different types of applications, enforcing security, and managing...

What to expect when you're electing: The building blocks of disinformation campaigns

By Nick Biasini, Kendall McKay and Matt Valites. As Cisco Talos discovered during our four-year investigation into election security, securing elections is an extremely difficult, complex task. In the first paper in our election series, “What to expect when you’re electing,” Talos outlined how the key geopolitical objective of our adversaries is to weaken the faith the world has in Western-style democracy. One component of these objectives is disinformation.  While disinformation...

Threat Source newsletter for Aug. 27, 2020

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers.  As part of our continued look at election security ahead of the November election, we have another research paper out this week. This time, we’re taking a closer look at disinformation campaigns, popularly known as “fake news.” This paper builds on the first “What to expect when you’re electing” report by focusing on the infrastructure supporting these complex campaigns.  On the vulnerability side of things, we also...