Talos Group- Cisco blog

March 13, 2018

Microsoft Patch Tuesday – March 2018

Today, Microsoft has released its monthly set of security advisories for vulnerabilities that have been identified and addressed in various products. This month's advisory release addresses 74 new...
March 6, 2018

Gozi ISFB Remains Active in 2018, Leverages “Dark Cloud” Botnet For Distribution

Gozi ISFB is a well-known and widely distributed banking trojan, and has been in the threat landscape for the past several years. Banking trojans are a widely distributed type of...
March 1, 2018

Vulnerability Spotlight: Simple DirectMedia Layer’s SDL2_Image

Overview Talos is disclosing several vulnerabilities identified in Simple DirectMedia Layer's SDL2_Image library that could allow code execution. Simple DirectMedia Layer is a cross-platform development library designed to provide low...
March 1, 2018

Vulnerability Spotlight: Dovecot out-of-bounds Read Vulnerability


Today, Cisco Talos is disclosing a single out-of-bounds read vulnerability in the Dovecot IMAP server. Dovecot is a popular internet message access protocol, or IMAP, server...

February 28, 2018

CannibalRAT targets Brazil

Malware continues to evolve in different ways and forms, one of which is the language it is written in, from Visual C++, to Powershell, almost everything has been used to...
February 26, 2018

Who Wasn’t Responsible for Olympic Destroyer?

This blog post is authored by Paul Rascagneres and Martin Lee. Summary Evidence linking the Olympic Destroyer malware to a specific threat actor group is contradictory, and does not allow...
February 23, 2018

Vulnerability Spotlight: Adobe Acrobat Reader DC Document ID Remote Code Execution Vulnerability

Today, Talos is releasing details of a new vulnerability within Adobe Acrobat Reader DC. Adobe Acrobat Reader is the most popular and most feature-rich PDF reader. It has a big...
February 14, 2018

COINHOARDER: Tracking a Ukrainian Bitcoin Phishing Ring DNS Style

This post is authored by Jeremiah O'Connor and Dave Maynor with contributions from Artsiom Holub and Austin McBride.  Executive Summary Cisco has been tracking a bitcoin theft campaign for...
February 13, 2018

Microsoft Patch Tuesday – February 2018

Today Microsoft has released its monthly set of security advisories for vulnerabilities that have been identified and addressed in various products. This month's advisory...
February 12, 2018

Olympic Destroyer Takes Aim At Winter Olympics

The Winter Olympics this year is being held in Pyeongchang, South Korea. The Guardian, a UK Newspaper reported an article that suggested the Olympic computer systems suffered technical issues during...
February 7, 2018

Targeted Attacks In The Middle East

This blog post is authored by Paul Rascagneres with assistance of Martin Lee. Executive Summary Talos has identified a targeted attack affecting the Middle East. This campaign contains the following...
February 2, 2018

Flash 0 Day In The Wild: Group 123 At The Controls

The 1st of February, Adobe published an advisory concerning a Flash vulnerability (CVE-2018-4878). This vulnerability is a use after free that allows Remote Code Execute through a malformed Flash object....
January 31, 2018

Ransom Where? Malicious Cryptocurrency Miners Takeover, Generating Millions

The Dark Side of the Digital Gold Rush. This post was authored by Nick Biasini, Edmund Brumaghin, Warren Mercer and Josh Reynolds with contributions from Azim Khodijbaev and David Liebenberg.

January 29, 2018

2017 in Snort Signatures.

2017 was an eventful year for cyber security with high profile vulnerabilities that allowed self-replicating worm attacks such as WannaCry and BadRabbit to impact...
January 26, 2018

Vulnerability Spotlight: Walt Disney Per-Face Texture Mapping faceInfoSize Code Execution Vulnerability

This vulnerability was discovered by Tyler Bohan of Cisco Talos. Executive Summary Walt Disney PTEX is an open source software application maintained by Walt Disney Animation Studios. It is...
January 22, 2018

SamSam – The Evolution Continues Netting Over $325,000 in 4 Weeks

Talos have been working in conjunction with Cisco IR Services on what we believe to be a new variant of the SamSam ransomware. This ransomware has been observed across multiple industries including Government, Healthcare and ICS. These attacks do not appear to be highly targeted, and appear to be more opportunistic in nature. Given SamSam’s victimology its […]
January 18, 2018

The Many Tentacles of the Necurs Botnet

This post was written by Jaeson Schultz. Introduction Over the past five years the Necurs botnet has established itself as the largest purveyor of spam worldwide. Necurs is responsible for emailing massive amounts of banking malware, ransomware, dating spam, pump-n-dump stock scams, work from home schemes, and even cryptocurrency wallet credential phishing. Necurs sends so much […]
January 17, 2018

Vulnerability Spotlight: Tinysvcmdns Multi-label DNS DoS Vulnerability

Overview Talos is disclosing a single NULL pointer dereference vulnerability in the tinysvcmdns library. Tinysvcmdns is a tiny MDNS responder implementation for publishing services. This is essentially a mini and embedded version of Avahi or Bonjour.
January 16, 2018

Korea In The Crosshairs

This blog post is authored by Warren Mercer and Paul Rascagneres and with contributions from Jungsoo An. This article exposes the malicious activities of Group 123 during 2017. We assess with high confidence that Group 123 was responsible for the following six campaigns: “Golden Time” campaign. “Evil New Year” campaign. “Are you Happy?” campaign. “FreeMilk” campaign. “North Korean Human […]
January 11, 2018

Vulnerability Spotlight: Multiple Unpatched Vulnerabilities in Blender Identified

Technology has evolved in incredible ways that have helped people to create and visualize media like never before. Today, people can use tools such as Blender to visualize, model, and animate 3D content, especially since it’s free and open-source software. However, this also makes it an attractive target for adversaries to audit and find vulnerabilities. […]