Fake Cisco Job Posting Targets Korean Candidates
Edmund Brumaghin and Paul Rascagneres authored this post, with contributions from Jungsoo An. Executive summary Cisco Talos recently observed a targeted malware campaign being leveraged in an attempt to compromise specific organizations. The infection vector associated with
Emotet re-emerges after the holidays
While Emotet has been around for many years and is one of the most well-known pieces of malware in the wild, that doesn't mean attackers don't try to freshen it up. Cisco Talos recently discovered several new campaigns distributing the infamous banking trojan via email. T
Threat Roundup Sept 28 - Oct 5
Today, as we do every week, Talos is giving you a glimpse into the most prevalent threats we’ve observed this week — covering the dates between Sept. 28 and Oct. 5. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, we will summarize the threats
Vulnerability Spotlight: Google PDFium JBIG2 Image ComposeToOpt2WithRect Information Disclosure Vulnerability
Discovered by Aleksandar Nikolic of Cisco Talos Overview Cisco Talos is releasing details of a new vulnerability in Google PDFium's JBIG2 library. An exploitable out-of-bounds read on the heap vulnerability exists in the JBIG2-parsing code in Google Chrome, version 67.0.33
VPNFilter III: More Tools for the Swiss Army Knife of Malware
# code Summary VPNFilter — a multi-stage, modular framework that has infected hundreds of thousands of network devices across the globe — is now known to possess even greater capabilities. Cisco Talos recently discovered seven additional third-stage VPNFilter modules that add
Vulnerability Spotlight: Epee Levin Packet Deserialization Code Execution Vulnerability
This vulnerability was discovered by Lilith (>_>) of Cisco Talos. Overview The Epee library, which is leveraged by a large number of cryptocurrencies, contains an exploitable code execution vulnerability in the Levin deserialization functionality. An attacker can send a s
Threat Roundup for September 14 to September 21
Today, as we do every week, Talos is giving you a glimpse into the most prevalent threats we’ve observed this week — covering the dates between Sept. 14 and 21. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, we will summarize the threats we’
Microsoft Patch Tuesday - September 2018
Microsoft released its monthly set of security updates today for a variety of its products that address a variety of bugs. The latest Patch Tuesday covers 61 vulnerabilities, 17 of which are rated "critical," 43 that are rated "important" and one that is consi
Picking Apart Remcos Botnet-In-A-Box
This blog post was authored by Edmund Brumaghin and Holger Unterbrink with contributions from Eric Kuhla and Lilia Gonzalez Medina. Overview Cisco Talos has recently observed multiple campaigns using the Remcos remote access tool (RAT) that is offered for sale by a company cal