Talos 2017 0325
TALOS-2017-0325Zabbix Server Active Proxy Trapper Remote Code Execution VulnerabilityApril 27, 2017Report IDCVE-2017-2824SummaryAn exploitable code execution vulnerability exists in the trapper command...
View ArticleTalos 2017 0326
TALOS-2017-0326Zabbix Proxy Server SQL Database Write VulnerabilityApril 27, 2017Report IDCVE-2017-2824SummaryAn exploitable database write vulnerability exists in the trapper functionality of Zabbix...
View ArticleTalos 2017 0294
TALOS-2017-0294Randombit Botan Library X509 Certificate Validation Bypass VulnerabilityApril 28, 2017Report IDCVE-2017-2801SummaryA programming error exists in a way Randombit Botan cryptographic...
View ArticleClik here to view.
Threat Round-up for Apr 21 - Apr 28
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between April 21 and April 28. As with previous round-ups, this post isn't meant to be an in-depth analysis. Instead,...
View ArticleClik here to view.
KONNI: A Malware Under The Radar For Years
This blog was authored by Paul RascagneresExecutive SummaryTalos has discovered an unknown Remote Administration Tool that we believe has been in use for over 3 years. During this time it has managed...
View ArticleClik here to view.
Gmail Worm Requiring You To Give It A Push And Apparently You All Are Really...
This post authored by Sean Baird and Nick BiasiniAttackers are always looking for creative ways to send large amount of spam to victims. A short-lived, but widespread Google Drive themed phishing...
View ArticleClik here to view.
Vulnerability Spotlight: AntennaHouse DMC Library Arbitrary Code Execution Flaws
These vulnerabilities were discovered by Marcin 'Icewall' Noga of Talos.Today, Talos is disclosing several vulnerabilities that have been identified in the AntennaHouse DMC library which is used in...
View ArticleClik here to view.
Vulnerability Spotlight: Power Software PowerISO ISO Code Execution...
These vulnerabilities were discovered by Piotr Bania of Cisco Talos.Today, Talos is releasing details of a new vulnerability discovered within the Power Software PowerISO disk imaging software....
View ArticleClik here to view.
Vulnerability Spotlight: WolfSSL library X.509 Certificate Text Parsing Code...
Discovered by Aleksandar Nikolic of Cisco TalosOverviewTalos is disclosing TALOS-2017-0293 / CVE 2017-2800, a code execution vulnerability in WolfSSL. WolfSSL is a lightweight SSL/TLS library targeted...
View ArticleClik here to view.
Microsoft Patch Tuesday - May 2017
Today, Microsoft has release their monthly set of security updates designed to address vulnerabilities. This month's release addresses 56 vulnerabilities with 15 of them rated critical and 41 rated...
View ArticleClik here to view.
Vulnerability Spotlight: Hangul Word Processor Remote Code Execution...
Vulnerability discovered by Rich Johnson of Talos.OverviewPublished by Hancom inc. the Hangul Office Suite, of which Hangul Word Processor is part, is the leading word processing and office...
View ArticleClik here to view.
Jaff Ransomware: Player 2 Has Entered The Game
This post was written by Nick Biasini, Edmund Brumaghin and Warren Mercer with contributions from Colin GradySummaryTalos is constantly monitoring the email threat landscape and tracking both new...
View ArticleClik here to view.
Threat Round-up for May 05 - May 12
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between May 05 and May 12. As with previous round-ups, this post isn't meant to be an in-depth analysis. Instead,...
View ArticleClik here to view.
Player 3 Has Entered the Game: Say Hello to 'WannaCry'
This post was authored by Martin Lee, Warren Mercer, Paul Rascagneres, and Craig Williams.Executive SummaryA major ransomware attack has affected many organizations across the world reportedly...
View ArticleClik here to view.
Arbitrary Code Execution Vulnerabilities in MuPDF Identified and Patched
Talos is disclosing the presence of two vulnerabilities in the Artifex MuPDF renderer. MuPDF is a lightweight PDF parsing and rendering library featuring high fidelity graphics, high speed, and compact...
View ArticleClik here to view.
Beers with Talos Podcast Now Available
The first episodes of Beers with Talos are now available on iTunes and directly on talosintelligence.com/podcasts.When Talos decided to make a threat intelligence podcast, we wanted to make it...
View ArticleClik here to view.
Terror Evolved: Exploit Kit Matures
This post is authored by Holger Unterbrink and Emmanuel TacheauExecutive SummaryTalos is monitoring the major Exploit Kits(EK) on an ongoing basis. While investigating the changes we recently observed...
View ArticleClik here to view.
Cisco Coverage for Adylkuzz, Uiwix, and EternalRocks
When the WannaCry attack was launched a little over a week ago, it was one of the first large scale attacks leveraging the data that was leaked by the Shadow Brokers. At the time the real concern was...
View ArticleClik here to view.
Modified Zyklon and plugins from India
IntroductionStreams of malicious emails Talos inspects every day usually consist of active spamming campaigns for various ransomware families, phishing campaigns and the common malware family suspects...
View ArticleClik here to view.
File2pcap - The Talos Swiss Army Knife of Snort Rule Creation
This post was authored by Martin Zeiser with contributions by Joel EslerAt Talos we are constantly on the lookout for threats to our customers networks, and part of the protection process is creating...
View Article