Clik here to view.
Not So Crystal Clear - Zeus Variant Spoils Ukrainian Holiday
This post was authored by Edmund Brumaghin with contributions from Ben Baker, Dave Maynor and Matthew Molyett.Introduction Talos has observed a cyber attack which was launched using the official...
View ArticleClik here to view.
Threat Round Up for December 29 - January 5
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between December 29 and January 05. As with previous round-ups, this post isn't meant to be an in-depth analysis....
View ArticleClik here to view.
Meltdown and Spectre
Cisco Talos is aware of three new vulnerabilities impacting Intel, AMD, Qualcomm and ARM processors used by almost all computers. We are investigating these issues and although we have not observed...
View ArticleClik here to view.
Vulnerability Spotlight: Multiple Vulnerabilities in the CPP and Parity...
Vulnerabilities discovered by Marcin Noga of Cisco Talos.OverviewTalos is disclosing the presence of multiple vulnerabilities in the CPP and the Parity Ethereum clients.TALOS-2017-0503 / CVE-2017-14457...
View ArticleClik here to view.
Microsoft Patch Tuesday - January 2018
Today Microsoft has released its monthly set of security advisories for vulnerabilities that have been identified and addressed in various products. This month's advisory release addresses 56 new...
View ArticleClik here to view.
Vulnerability Spotlight: Ruby Rails Gem XSS Vulnerabilities
Vulnerabilities discovered by Zachary Sanchez of Cisco ASIGOverviewTalos has discovered two XSS vulnerabilities in Ruby Rails Gems. Rails is a Ruby framework designed to create web services or web...
View ArticleClik here to view.
Vulnerability Spotlight: Multiple Unpatched Vulnerabilities in Blender...
Technology has evolved in incredible ways that has helped people to create and visualize media like never before. Today, people can use tools such as Blender to visualize, model, and animate 3D...
View ArticleClik here to view.
Threat Round Up for January 5 - 12
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between January 05 and January 12. As with previous round-ups, this post isn't meant to be an in-depth analysis....
View ArticleClik here to view.
Korea In The Crosshairs
This blog post is authored by Warren Mercer and Paul Rascagneres and with contributions from Jungsoo An.A one year review of campaigns performed by an actor with multiple campaigns mainly linked to...
View ArticleClik here to view.
Vulnerability Spotlight: Tinysvcmdns Multi-label DNS DoS Vulnerability
OverviewTalos is disclosing a single NULL pointer dereference vulnerability in the tinysvcmdns library. Tinysvcmdns is a tiny MDNS responder implementation for publishing services. This is essentially...
View ArticleClik here to view.
Beers with Talos EP20: Crypto, Vuln Disco, and the Spectre Meltdown
Beers with Talos (BWT) Podcast Episode 20 is now available. Download this episode and subscribe to Beers with Talos:If iTunes and Google Play aren't your thing: www.talosintelligence.com/podcastEP20...
View ArticleClik here to view.
The Many Tentacles of the Necurs Botnet
This post was written by Jaeson Schultz.IntroductionOver the past five years the Necurs botnet has established itself as the largest purveyor of spam worldwide. Necurs is responsible for emailing...
View ArticleClik here to view.
SamSam - The Evolution Continues Netting Over $325,000 in 4 Weeks
This post was written by Vitor VenturaIntroductionTalos has been working in conjunction with Cisco IR Services on what we believe to be a new variant of the SamSam ransomware. This ransomware has been...
View ArticleClik here to view.
Vulnerability Spotlight: Walt Disney Per-Face Texture Mapping faceInfoSize...
This vulnerability was discovered by Tyler Bohan of Cisco Talos.Executive SummaryWalt Disney PTEX is an open source software application maintained by Walt Disney Animation Studios. It is designed for...
View ArticleClik here to view.
Beers with Talos EP 21: How to Hire the Best, Attribution Without Apaches is...
Beers with Talos (BWT) Podcast Episode 21 is now available. Download this episode and subscribe to Beers with Talos:If iTunes and Google Play aren't your thing: www.talosintelligence.com/podcastEP21...
View ArticleClik here to view.
2017 in Snort Signatures.
This post was written by Martin Lee and Vanja Svajcer.2017 was an eventful year for cyber security with high profile vulnerabilities that allowed self-replicating worm attacks such as WannaCry and...
View ArticleClik here to view.
Ransom Where? Malicious Cryptocurrency Miners Takeover, Generating Millions
The Dark Side of the Digital Gold RushThis post was authored by Nick Biasini, Edmund Brumaghin, Warren Mercer and Josh Reynolds with contributions from Azim Khodijbaev and David Liebenberg.Executive...
View ArticleClik here to view.
Flash 0 Day In The Wild: Group 123 At The Controls
This blog post is authored by Warren Mercer and Paul Rascagneres.Executive SummaryThe 1st of February, Adobe published an advisory concerning a Flash vulnerability (CVE-2018-4878). This vulnerability...
View ArticleClik here to view.
Beers with Talos EP 22: Forget the ASA, Rob Joyce Favorited Craig’s Tweet
Beers with Talos (BWT) Podcast Episode 22 is now available. Download this episode and subscribe to Beers with Talos:If iTunes and Google Play aren't your thing: www.talosintelligence.com/podcastEP22...
View ArticleClik here to view.
Targeted Attacks In The Middle East
This blog post is authored by Paul Rascagneres with assistance of Martin Lee.Executive SummaryTalos has identified a targeted attack affecting the Middle East. This campaign contains the following...
View Article