JasperLoader Emerges, Targets Italy with Gootkit Banking Trojan
Nick Biasini and Edmund Brumaghin authored this blog post with contributions from Andrew Williams. Introduction to JasperLoader: Malware loaders are playing an increasingly important role in malware...
Threat Source (April 25)
Newsletter compiled by Jonathan Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. If you haven’t yet, there’s still...
Vulnerability Spotlight: Multiple vulnerabilities in Sierra Wireless AirLink...
Carl Hurd and Jared Rittle of Cisco Talos discovered these vulnerabilities. Executive summary: Several exploitable vulnerabilities exist in the Sierra Wireless AirLink ES450, an LTE gateway designed for...
Threat Roundup for April 19 to April 26
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between April 19 and April 26. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead,...
Beers with Talos Ep. #52: I don't trust you because I care
Beers with Talos (BWT) Podcast Ep. #52 is now available. Download this episode and subscribe to Beers with Talos: If iTunes and Google Play aren't your thing, click here. Recorded April 26, 2019 - Since...
Sodinokibi ransomware exploits WebLogic Server vulnerability
This blog was authored by Pierre Cadieux, Colin Grady, Jaeson Schultz and Matt Valites. Attackers are actively exploiting a recently disclosed vulnerability in Oracle WebLogic to install a new variant of...
Qakbot levels up with new obfuscation techniques
Ashlee Benge of Cisco Talos and Nick Randolph of the Threat Grid Research and Efficacy team authored this blog post. Executive summary: Qakbot, also known as Qbot, is a well-documented banking trojan that...
Threat Source (May 2, 2019)
Newsletter compiled by Jonathan Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. If you haven’t yet, there’s still...
Threat Roundup for April 26 to May 3
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between April 26 and May 03. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead,...
Vulnerability Spotlight: Multiple bugs in several Jenkins plugins
Peter Adkins of Cisco Umbrella discovered these vulnerabilities. Executive summary: Jenkins is an open-source automation server written in Java. There are several plugins that exist to integrate Jenkins...
Vulnerability Spotlight: Remote code execution bug in SQLite
Cory Duplantis of Cisco Talos discovered this vulnerability. Executive summary: SQLite contains an exploitable use-after-free vulnerability that could allow an attacker to gain the ability to remotely...
Threat Source newsletter (May 9)
Newsletter compiled by Jonathan Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. If you haven’t yet, there’s still...
Threat Roundup for May 3 to May 10
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between May 03 and May 10. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this...
Vulnerability Spotlight: Multiple vulnerabilities in the Roav A1 Dashcam
Lilith Wyatt of Cisco Talos discovered these vulnerabilities. Executive summary: Cisco Talos is disclosing multiple vulnerabilities in the Anker Roav A1 Dashcam and the Novatek NT9665X chipset. The Roav...
Microsoft Patch Tuesday — May 2019: Vulnerability disclosures and Snort coverage
Microsoft released its monthly security update today, disclosing a variety of vulnerabilities in several of its products. The latest Patch Tuesday covers 79 vulnerabilities, 22 of which are rated...
Vulnerability Spotlight: Remote code execution vulnerabilities in Adobe...
Aleksandar Nikolic of Cisco Talos discovered these vulnerabilities. Executive summary: There are two remote code execution vulnerabilities in Adobe Acrobat Reader that could occur if a user were to open a...
Vulnerability Spotlight: Remote code execution bug in Antenna House Rainbow...
Emmanuel Tacheau of Cisco Talos discovered this vulnerability. Executive summary: A buffer overflow vulnerability exists in Antenna House’s Rainbow PDF when the software attempts to convert a PowerPoint...
Threat Source newsletter (May 16)
Newsletter compiled by Jonathan Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. We were packed with vulnerabilities...
Vulnerability Spotlight: Multiple vulnerabilities in Wacom Update Helper
Tyler Bohan of Cisco Talos discovered these vulnerabilities. Executive summary: There are two privilege escalation vulnerabilities in the Wacom update helper. The update helper is a utility installed...
Recent MuddyWater-associated BlackWater campaign shows signs of new...
This blog was authored by Danny Adamitis, David Maynor, and Kendall McKay. Executive summary: Cisco Talos assesses with moderate confidence that a campaign we recently discovered called "BlackWater" is...