Blog
July 26, 2018 11:06

Vulnerability Spotlight: Multiple Vulnerabilities in Samsung SmartThings Hub

These vulnerabilities were discovered by Claudio Bozzato of Cisco Talos. Executive Summary Cisco Talos recently discovered several vulnerabilities present within the firmware of the Samsung SmartThings Hub. In accordance with our coordinated disclosure policy, Cisco Talos has w

June 26, 2018 11:00

Files Cannot Be Decrypted? Challenge Accepted. Talos Releases ThanatosDecryptor

This blog post was authored by Edmund Brumaghin, Earl Carter and Andrew Williams. Executive summary Cisco Talos has analyzed Thanatos, a ransomware variant that is being distributed via multiple malware campaigns that have been conducted over the past few months. As a result of

June 12, 2018 14:58

Microsoft Patch Tuesday - June 2018

Executive Summary Microsoft has released its monthly set of security advisories for vulnerabilities that have been identified and addressed in various products. This month's advisory release addresses 50 flaws, with 11 of them rated "critical," and 39 rated "im

May 15, 2018 09:51

Vulnerability Spotlight: Multiple Adobe Acrobat Reader DC Vulnerabilities

Discovered by Aleksandar Nikolic of Cisco Talos Update 05/15/18: The CVE for TALOS-2018-0517 has been corrected below. Overview Today, Talos is releasing details of new vulnerabilities within Adobe Acrobat Reader DC. Adobe Acrobat Reader is the most popular and most feature-

April 17, 2018 10:59

Vulnerability Spotlight: Foscam IP Video Camera Firmware Recovery Unsigned Image Vulnerability

This vulnerability was discovered by Claudio Bozzato of Cisco Talos. Executive Summary The Foscam C1 Indoor HD Camera is a network-based camera that is marketed for a variety of uses, including as a home security monitoring device. Talos recently identified 32 vulnerabilities p

March 28, 2018 15:59

Vulnerability Spotlight: Multiple Vulnerabilities in Allen Bradley MicroLogix 1400 Series Devices

These vulnerabilities were discovered by Jared Rittle and Patrick DeSantis of Cisco Talos. Summary Rockwell Automation Allen-Bradley MicroLogix 1400 Programmable Logic Controllers (PLCs) are marketed for use in a variety of different Industrial Control System (ICS) applications

March 28, 2018 14:26

Vulnerability Spotlight: Multiple Nvidia D3D10 Driver Pixel Shader Vulnerabilities

Discovered by Piotr Bania of Cisco Talos Overview Today, Cisco Talos is disclosing multiple vulnerabilities that exist within the Nvidia D3D10 driver. This driver is used throughout multiple GPU product lines available from Nvidia. This is a commonly used driver, and exploitat

March 26, 2018 10:45

Forgot About Default Accounts? No Worries, GoScanSSH Didn’t

This blog post was authored by Edmund Brumaghin, Andrew Williams, and Alain Zidouemba. Executive Summary During a recent Incident Response (IR) engagement, Talos identified a new malware family that was being used to compromise SSH servers exposed to the internet. This malwa

March 6, 2018 10:59

Gozi ISFB Remains Active in 2018, Leverages "Dark Cloud" Botnet For Distribution

This blog post was authored by Edmund Brumaghin and Holger Unterbrink, with contributions from Adam Weller. Executive Summary Gozi ISFB is a well-known and widely distributed banking trojan, and has been in the threat landscape for the past several years. Banking trojans are