Threat Roundup for August 17-24
Today, as we do every week, Talos is giving you a glimpse into the most prevalent threats we’ve observed this week — covering the dates between Aug. 17 and 24. As with previous roundups, this post...
Rocke: The Champion of Monero Miners
This post was authored by David Liebenberg. Summary: Cryptocurrency miners are becoming an increasingly significant part of the threat landscape. These malicious miners steal CPU cycles from compromised...
Beers with Talos EP 36: There Are Few Shades in the Grey Market
Beers with Talos (BWT) Podcast Ep. #36 is now available. Download this episode and subscribe to Beers with Talos: If iTunes and Google Play aren't your thing: www.talosintelligence.com/podcast. Ep. #36...
Threat Roundup for August 24-31
Today, as we do every week, Talos is giving you a glimpse into the most prevalent threats we’ve observed this week — covering the dates between Aug. 24 and 31. As with previous roundups, this post...
Malicious MDM: Let's Hide This App
This blog post is authored by Warren Mercer and Paul Rascagneres with contributions from Nick Biasini. Summary: Since our initial discovery of a malicious mobile device management (MDM) platform that was...
Vulnerability Spotlight: TALOS-2018-0560 - ERPNext SQL Injection Vulnerabilities
Vulnerabilities discovered by Yuri Kramar from the Cisco Security Advisor Team. Overview: Talos is disclosing multiple SQL injection vulnerabilities in the Frappe ERPNext Version 10.1.6 application. Frappe...
Vulnerability Spotlight: CVE-2018-3952 / CVE-2018-4010 - Multi-provider VPN...
Discovered by Paul Rascagneres. Overview: Cisco Talos has discovered two similar vulnerabilities in the ProtonVPN and NordVPN VPN clients. The vulnerabilities allow attackers to execute code as an...
Threat Roundup for August 31 to September 7
Today, as we do every week, Talos is giving you a glimpse into the most prevalent threats we’ve observed this week — covering the dates between Aug. 31 and Sept. 7. As with previous roundups, this post...
Microsoft Patch Tuesday - September 2018
Microsoft released its monthly set of security updates today for a variety of its products that address a variety of bugs. The latest Patch Tuesday covers 61 vulnerabilities, 17 of which are rated...
SigAnalyzer: Signature analysis with CASC
Executive summary: ClamAV Signature Creator (CASC) is an IDA Pro plugin that assists in the creation of ClamAV pattern signatures. We have enhanced this plugin to also analyze these signatures. The...
Threat Roundup for September 7 to September 14
Today, as we do every week, Talos is giving you a glimpse into the most prevalent threats we’ve observed this week — covering the dates between Sept. 7 and 14. As with previous roundups, this post...
Beers with Talos EP 37: Snort 3 Beta Uses Multithreading. It’s Super Effective!
Beers with Talos (BWT) Podcast Ep. #37 is now available. Download this episode and subscribe to Beers with Talos: If iTunes and Google Play aren't your thing: www.talosintelligence.com/podcast. Ep. #37...
Cyber Threat Alliance Releases Cryptomining Whitepaper
This post is authored by Ashlee Benge. Despite the recent devaluation of some cryptocurrencies, illicit cryptocurrency miners remain a lucrative and widespread attack vector in the threat landscape....
Threat Roundup for September 14 to September 21
Today, as we do every week, Talos is giving you a glimpse into the most prevalent threats we’ve observed this week — covering the dates between Sept. 14 and 21. As with previous roundups, this post...
Adwind Dodges AV via DDE
This blog post is authored by Paul Rascagneres, Vitor Ventura and with the contribution of Tomislav Pericin and Robert Perica from ReversingLabs. Introduction: Cisco Talos, along with fellow cybersecurity...
IDA-minsc Wins Second Place in Hex-Rays Plugins Contest
Introduction: Ali Rizvi-Santiago of Cisco Talos recently tied for second place in the IDA plugin contest with a plugin named "IDA-minsc." IDA is a multi-processor disassembler and debugger created by the...
Vulnerability Spotlight: Epee Levin Packet Deserialization Code Execution...
This vulnerability was discovered by Lilith (>_>) of Cisco Talos. Overview: The Epee library, which is leveraged by a large number of cryptocurrencies, contains an exploitable code execution...
VPNFilter III: More Tools for the Swiss Army Knife of Malware
Summary: VPNFilter — a multi-stage, modular framework that has infected hundreds of thousands of network devices across the globe — is now known to possess even greater capabilities. Cisco Talos recently...
Threat Roundup Sept 21 - 28
Today, as we do every week, Talos is giving you a glimpse into the most prevalent threats we’ve observed this week — covering the dates between Sept. 21 and 28. As with previous roundups, this post...
Beers with Talos Ep. #38 — More fun with VPNFilter; Getting pwnd via spreadsheet
Beers with Talos (BWT) Podcast Ep. #38 is now available. Download this episode and subscribe to Beers with Talos: If iTunes and Google Play aren't your thing, click here. Ep. #38 show notes: Recorded...