Clik here to view.
Hunting for LoLBins
By Vanja Svajcer.IntroductionAttackers' trends tend to come and go. But one popular technique we're seeing at this time is the use of living-off-the-land binaries — or "LoLBins". LoLBins are used by...
View ArticleClik here to view.
Custom dropper hide and seek
Executive summaryMost users assume they are safe when surfing the web on a daily basis. But information-stealing malware can operate in the background of infected systems, looking to steal users'...
View ArticleClik here to view.
Threat Source newsletter (Nov. 14, 2019)
Newsletter compiled by Jon Munshaw.Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week.It was all about the bugs this week. Patch...
View ArticleClik here to view.
How the new Talos IR Cyber Range can prepare your employees for a cyber attack
By Gerard Johansen, Charles Iszard and Luke DuCharme.With the surge of ransomware attacks, information leaks and other cyber attacks in the headlines, most companies and organizations are aware that...
View ArticleClik here to view.
Cryptominers, ransomware among top malware in IR engagements in Q4
By David Liebenberg and Kendall McKay.This summer’s most popular malware families were commonly seen, unsophisticated attacks, with phishing being the top infection vector, according to Cisco Talos...
View ArticleClik here to view.
Beers with Talos Ep. #66: I Choose YOU! Attackers view of targets, RLAs, scam...
By Mitch Neff.Beers with Talos (BWT) Podcast episode No. 66 is now available. Download this episode and subscribe to Beers with Talos:If iTunes and Google Play aren't your thing, click here.Recorded...
View ArticleClik here to view.
Vulnerability Spotlight: Two remote code execution vulnerabilities in Xcftools
Claudio Bozzato of Cisco Talos discovered these vulnerabilities. Xcftools contains two remote code execution vulnerabilities in its flattenIncrementally function. Xcftools is a set of tools for...
View ArticleClik here to view.
Vulnerability Spotlight: Tenda AC9 /goform/WanParameterSetting command...
Amit Raut of Cisco Talos discovered this vulnerability.Cisco Talos recently discovered a command injection vulnerability in the Tenda AC9 router. The Tenda AC9 is one of the most popular and affordable...
View ArticleClik here to view.
Threat Source newsletter (Nov. 21, 2019)
Newsletter compiled by Jon Munshaw.Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week.It’s nearly holiday shopping season, which...
View ArticleClik here to view.
Threat Roundup for November 15 to November 22
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Nov. 15 and Nov. 22. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead,...
View ArticleClik here to view.
Best practices for staying safe online during the holiday shopping season
By Jon Munshaw.This holiday shopping season, the basics of avoiding a malware infection boils down to: If it sounds too good to be true, it probably is.While sometimes retailers do give out...
View ArticleClik here to view.
Vulnerability Spotlight: Accusoft ImageGear PNG IHDR width code execution...
Marcin Noga of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw.Accusoft ImageGear contains two remote code execution vulnerabilities. ImageGear is a document and imaging library from...
View ArticleClik here to view.
Vulnerability Spotlight: SQL injection vulnerabilities in Forma Learning...
Yuri Kramarz of Security Advisory EMEAR discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered three SQL injection vulnerabilities in the authenticated portion of the...
View ArticleClik here to view.
Vulnerability Spotlight: Two vulnerabilities in EmbedThis GoAhead
A Cisco Talos researcher discovered these vulnerabilities. Blog by Jon Munshaw. EmbedThis’ GoAhead Web Server contains two vulnerabilities that both arise when the software attempts to process a...
View ArticleClik here to view.
ClamAV team shows off new Mussels dependency build automation tool
By Micah Snyder.Today I'm very excited, and a little bit nervous, to unveil Mussels. Mussels is a cross-platform, general-purpose dependency build automation tool. You might compare it with Vcpkg,...
View ArticleClik here to view.
Vulnerability Spotlight: AMD ATI Radeon ATIDXX64.DLL shader functionality...
Piotr Bania of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw.Cisco Talos recently discovered a denial-of-service vulnerability in a specific dll inside of the AMD ATI Radeon line of...
View ArticleClik here to view.
Threat Source newsletter (Dec. 5, 2019)
Newsletter compiled by Jon Munshaw.Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week.We hope everyone had a safe and happy...
View ArticleClik here to view.
Threat Roundup for November 29 to December 6
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Nov. 29 and Dec. 6. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead,...
View ArticleClik here to view.
Beers with Talos Ep. #67: Inside Incident Response
By Mitch Neff.Beers with Talos (BWT) Podcast episode No. 67 is now available. Download this episode and subscribe to Beers with Talos:If iTunes and Google Play aren't your thing, click here.Recorded...
View ArticleClik here to view.
Vulnerability Spotlight: Multiple vulnerabilities in LEADTOOLS software
Marcin Towalski and Cory Duplantis of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw.Cisco Talos recently discovered multiple vulnerabilities in the LEADTOOLS line of imaging...
View Article