22.04.2017

News

Vulnerability Spotlight: Hard-coded Credential Flaw in Moxa ICS Wireless Access Points Identified and Fixed

Earlier this month, Talos responsibly disclosed a set of vulnerabilities in Moxa ICS wireless access points. While most of the vulnerabilities were addressed in the previous set of advisories, Talos has continued to work with Moxa to ensure all remaining vulnerabilities that Talo...

21.04.2017

News

Threat Spotlight: Mighty Morphin Malware Purveyors: Locky Returns Via Necurs

This post was authored by Nick Biasini. Throughout the majority of 2016, Locky was the dominant ransomware in the threat landscape. It was an early pioneer when it came to using scripting formats Windows hosts would natively handle, like .js, .wsf, and .hta. These scripting forma...

21.04.2017

News

Threat Round-up for Apr 14 – Apr 21

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between April 14 and April 21. As with previous round-ups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highl...

19.04.2017

News

Vulnerability Spotlight: ARM Mbedtls x509 ECDSA invalid public key Code Execution Vulnerability

Vulnerability discovered by Aleksandar Nikolic. Overview: Talos is disclosing TALOS-2017-0274/CVE-2017-2784, a code execution vulnerability in ARM MbedTLS. This vulnerability is specifically related to how MbedTLS handles x509 certificates. MbedTLS is an SSL/TLS implementation aime...

18.04.2017

News

Vulnerability Spotlight: Information Disclosure Vulnerability in Lexmark Perceptive Document Filters

Discovered by Marcin ‘Icewall’ Noga of Cisco Talos. Talos are today releasing a new vulnerability discovered within the Lexmark Perceptive Document Filters library. TALOS-2017-0302 allows for information disclosure using specifically crafted files. Overview: The vulner...

15.04.2017

News

Cisco Coverage for Shadow Brokers 2017-04-14 Information Release

On Friday, April 14, the actor group identifying itself as the Shadow Brokers released new information containing exploits for previously disclosed and undisclosed vulnerabilities that affect various versions of Microsoft Windows, as well as applications such as Lotus Domino. Add...

14.04.2017

News

Threat Round-up for Apr 7 – Apr 14

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between April 7 and April 14. As with previous round-ups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highli...

14.04.2017

News

Cisco Coverage for CVE-2017-0199

Over the past week, information regarding a serious zero-day vulnerability (CVE-2017-0199) in Microsoft Office was publicly disclosed. Since learning of this flaw, Talos has been actively investigating the issue. Preliminary reports indicated that this vulnerability was activel...

12.04.2017

News

Microsoft Patch Tuesday – April 2017

Today we bring you April’s Microsoft Patch Tuesday information for vulnerabilities in Outlook, Edge, Internet Explorer, Hyper-V, .NET, and Scripting Engine....

12.04.2017

News

Microsoft Patch Tuesday – April 2017

It’s that time again! Today we bring you April’s Microsoft Patch Tuesday information. These fixed vulnerabilities affect Outlook, Edge, Internet Explorer, Hyper-V, .NET, and Scripting Engine.

10.04.2017

News

From Box to Backdoor: Discovering Just How Insecure an ICS Device is in Only 2 Weeks

Inspired by "From LOW to PWNED," we decided to take a look at one Industrial Control System (ICS) wireless access point and see just how many vulnerabilities we could find in two weeks....

07.04.2017

News

Threat Round-up for Mar 31 – Apr 7

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between March 31 and April 7. As with previous round-ups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highli...

06.04.2017

News

Hacking the Belkin E Series OmniView 2-Port KVM Switch

Author: Ian Payton, Security Advisory EMEAR. Introduction: Too frequently security professionals only consider software vulnerabilities when considering the risks of connecting devices to their networks and systems. When it comes to considering potential risks of connected devices ...

03.04.2017

News

Introducing ROKRAT

This blog was authored by Warren Mercer and Paul Rascagneres with contributions from Matthew Molyett. Executive Summary: A few weeks ago, Talos published research on a Korean MalDoc. As we previously discussed, this actor is quick to cover their tracks and very quickly cleaned up t...

31.03.2017

News

Threat Round-up for Mar 24 – Mar 31

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between March 24 and March 31. As with previous round-ups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highl...

31.03.2017

News

Threat Spotlight: Sundown Matures

This post was authored by Nick Biasini with contributions from Edmund Brumaghin and Alex Chiu. The last time Talos discussed Sundown it was an exploit kit in transition. Several of the large exploit kits had left the landscape and a couple of strong contenders remain. Sundown was one ...

27.03.2017

News

Vulnerability Spotlight: Certificate Validation Flaw in Apple macOS and iOS Identified and Patched

Most people don’t give much thought to what happens when you connect to your bank’s website or log in to your email account. For most people, securely connecting to a website seems as simple as checking to make sure the little padlock in the address bar is present. Ho...

24.03.2017

News

Threat Round-up for the Week of Mar 20 – Mar 24

Talos is publishing a summary glimpse into the most prevalent threats observed over the past week....

23.03.2017

News

How Malformed RTF Defeats Security Engines

This post is authored by Paul Rascagneres with contributions from Alex McDonnell. Executive Summary: Talos has discovered a new spam campaign used to infect targets with the well-known Loki Bot stealer. The infection vector is an RTF document abusing an old exploit (CVE-2012-1856)...

22.03.2017

News

Vulnerability Spotlight: Code Execution Vulnerability in LabVIEW

Overview: LabVIEW is a system design and development platform released by National Instruments. The software is widely used to create applications for data acquisition, instrument control and industrial automation. Talos is disclosing the presence of a code execution vulnerability...

20.03.2017

News

Necurs Diversifies Its Portfolio

The post was authored by Sean Baird, Edmund Brumaghin and Earl Carter, with contributions from Jaeson Schultz. Executive Summary: The Necurs botnet is the largest spam botnet in the world. Over the past year it has been used primarily for the distribution of Locky ransomware and D...

17.03.2017

News

Threat Round-up for the Week of Mar 13 – Mar 17

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed over the past week. As with previous round-ups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key...

14.03.2017

News

Microsoft Patch Tuesday – March 2017

Following a sparse February patch Tuesday, today’s March release brings a bumper crop of fixed vulnerabilities: 17 bulletins covering 140 different vulnerabilities, 47 of which are rated as critical. The critical vulnerabilities affect Internet Explorer, Edge, Hyper-V, Windows PD...

30.01.2017

News

EyePyramid: An Archaeological Journey

In the last few days, a malware sample named EyePyramid has received considerable attention, especially in Italy. The Italian police have arrested two suspects and also published a preliminary report of the investigation. This malware is notable due to the targeting of Italian celeb...

27.01.2017

News

Matryoshka Doll Reconnaissance Framework

This post was authored by David Maynor & Paul Rascagneres with the contribution of Alex McDonnell and Matthew Molyett. Overview: Talos has identified a malicious Microsoft Word document with several unusual features and an advanced workflow, performing reconnaissance on the targete...

23.01.2017

News

Vulnerability Spotlight – LibBPG Image Decoding Code Execution

Overview: Talos is disclosing TALOS-2016-0259 / CVE-2016-8710. An exploitable heap write out of bounds vulnerability exists in the decoding of BPG images in libbpg library. A crafted BPG image decoded by libbpg can cause an integer underflow vulnerability causing an out of bounds ...

20.01.2017

News

Vulnerability Spotlight: Adobe Acrobat Reader DC jpeg Decoder Vulnerability

Discovered by Aleksandar Nikolic of Cisco Talos. Overview: Talos is disclosing TALOS-2016-0259 / CVE-2016-9041, an uninitialized memory vulnerability in Adobe Acrobat Reader DC. Adobe Acrobat Reader is one of the largest and well known PDF readers available today. This particular vu...

19.01.2017

News

Without Necurs, Locky Struggles

This post was authored by Nick Biasini with contributions from Jaeson Schultz. Locky has been a devastating force for the last year in the spam and ransomware landscape. The Locky variant of ransomware has been responsible for huge amounts of spam messages being sent on a daily basis....

18.01.2017

News

Vulnerability Spotlight: Multiple Code Execution Vulnerabilities in Oracle Outside In Technology

These vulnerabilities were discovered by Aleksandar Nikolic of Cisco Talos. Summary: Oracle’s Outside In Technology (OIT) is a set of SDKs that software developers can use to perform various actions against a large number of different file formats. According to the OIT websi...

16.01.2017

Article

The Merging of Big Data Analytics with IT

The term "embedded big data analytics" applies, for one, when big data analytics can be embedded directly into existing applications. But embedded analytics also plays a key role in the Internet of Things (IoT).

13.01.2017

Article

Investment in Further Training Pays Off

There will no longer be digitalization without security. Jutta Gräfensteiner, head of channel at Cisco Germany, is convinced of this.

12.01.2017

News

Vulnerability Spotlight: Exploiting the Aerospike Database Server

Vulnerabilities discovered by Talos. Talos is disclosing multiple vulnerabilities discovered in the Aerospike Database Server. These vulnerabilities range from memory disclosure to potential remote code execution. This software is used by various companies that require a high perf...
