Clik here to view.
CCleaner Command and Control Causes Concern
This post was authored by Edmund Brumaghin, Earl Carter, Warren Mercer, Matthew Molyett, Matthew Olney, Paul Rascagneres and Craig Williams.Note: This blog post discusses active research by Talos into...
View ArticleClik here to view.
FIN7 Group Uses JavaScript and Stealer DLL Variant in New Attacks
This post was authored by Michael Gorelik and Josh ReynoldsExecutive SummaryThroughout this blog post we will be detailing a newly discovered RTF document family that is being leveraged by the FIN7...
View ArticleClik here to view.
Banking Trojan Attempts To Steal Brazillion$
This post was authored by Warren Mercer, Paul Rascagneres and Vanja SvajcerIntroductionBanking trojans are among some of the biggest threats to everyday users as they directly impact the user in terms...
View ArticleClik here to view.
Threat Round Up for Sept 22 - Sept 29
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between September 22 and September 29. As with previous round-ups, this post isn't meant to be an in-depth analysis....
View ArticleClik here to view.
Beers with Talos EP14: Ranking Threats and Avoiding Bush League Breach Response
Beers with Talos (BWT) Podcast Episode 14 is now available. Download this episode and subscribe to Beers with Talos:If iTunes and Google Play aren't your thing: www.talosintelligence.com/podcastEP14...
View ArticleClik here to view.
Vulnerability Spotlight: Multiple vulnerabilities in Computerinsel Photoline
These vulnerabilities are discovered by Piotr Bania of Cisco Talos.Today, Talos is releasing details of multiple vulnerabilities discovered within the Computerinsel GmbH PhotoLine image processing...
View ArticleClik here to view.
Vulnerability Spotlight: Arbitrary Code Execution Bugs in Simple DirectMedia...
Today, Talos is disclosing two vulnerabilities that have been identified in the Simple DirectMedia Layer library. Simple DirectMedia Layer (SDL) is a cross-platform development library designed for use...
View ArticleClik here to view.
Microsoft Patch Tuesday - October 2017
Microsoft has released its monthly set of security advisories for vulnerabilities that have been identified and addressed in various products. This month's advisory release addresses 63 new...
View ArticleClik here to view.
Spoofed SEC Emails Distribute Evolved DNSMessenger
This post was authored by Edmund Brumaghin, Colin Grady, with contributions from Dave Maynor and @Simpo13.Executive SummaryCisco Talos previously published research into a targeted attack that...
View ArticleClik here to view.
Disassembler and Runtime Analysis
This post was authored by Paul Rascagneres.IntroductionIn the CCleaner 64bit stage 2 previously described in our blog, we explained that the attacker modified a legitimate executable that is part of...
View ArticleClik here to view.
Threat Round Up for Oct 6 - Oct 13
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between October 6 and October 13. As with previous round-ups, this post isn't meant to be an in-depth analysis....
View ArticleClik here to view.
Beers with Talos EP 15: Landing a Job, Phishing Midstream, and Paul’s IDA...
Beers with Talos (BWT) Podcast Episode 15 is now available. Download this episode and subscribe to Beers with Talos:If iTunes and Google Play aren't your thing: www.talosintelligence.com/podcastEP15...
View ArticleClik here to view.
Vulnerability Spotlight: Google PDFium Tiff Code Execution
OverviewTalos is disclosing a single off-by-one read/write vulnerability found in the TIFF image decoder functionality of PDFium as used in Google Chrome up to and including version 60.0.3112.101....
View ArticleClik here to view.
“Cyber Conflict” Decoy Document Used In Real Cyber Conflict
This post was authored by Warren Mercer, Paul Rascagneres and Vitor VenturaIntroductionCisco Talos discovered a new malicious campaign from the well known actor Group 74 (aka Tsar Team, Sofacy, APT28,...
View ArticleClik here to view.
Threat Spotlight: Follow the Bad Rabbit
Note: This blog post discusses active research by Talos into a new threat. This information should be considered preliminary and will be updated as research continues.On October 24, 2017, Cisco Talos...
View ArticleClik here to view.
Vulnerability Spotlight: Apache OpenOffice Vulnerabilities
Discovered by Marcin ‘Icewall’ Noga of Cisco TalosOverviewToday, Talos is releasing details of three new vulnerabilities discovered within Apache OpenOffice application. The first vulnerability,...
View ArticleClik here to view.
Threat Round Up for Oct 20 - Oct 27
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between October 20 and October 27. As with previous round-ups, this post isn't meant to be an in-depth analysis....
View ArticleClik here to view.
Vulnerability Spotlight: Multiple Vulnerabilities in Cesanta Mongoose Server
These vulnerabilities were discovered by Aleksandar Nikolic of Cisco TalosToday, Talos is disclosing several vulnerabilities that have been identified in Cesanta Mongoose server. Cesanta Mongoose is a...
View ArticleClik here to view.
Vulnerability Spotlight: The Circle of a Bug’s Life
OverviewCisco Talos is disclosing several vulnerabilities identified in Circle with Disney. Circle with Disney is a network device designed to monitor the Internet use of children on a given network....
View ArticleClik here to view.
Poisoning the Well: Banking Trojan Targets Google Search Results
This blog post was authored by Edmund Brumaghin, Earl Carter and Emmanuel Tacheau.SummaryIt has become common for users to use Google to find information that they do not know. In a quick Google search...
View Article