Old dog, new tricks - Analysing new RTF-based campaign distributing Agent Tesla, Loki with PyREbox
This blog post was authored by Edmund Brumaghin and Holger Unterbrink with contributions from Emmanuel Tacheau. Executive Summary: Cisco Talos has discovered a new malware campaign that drops the sophisticated information-stealing trojan called "Agent Tesla," and othe
Vulnerability Spotlight: Multiple Issues in Foxit PDF Reader
TALOS-2018-0626 / CVE-2018-3956 is an exploitable out-of-bounds read vulnerability which can disclose sensitive memory content and could be used, in conjunction with other vulnerabilities, to aid in full compromise. A specially crafted PDF file could trigger this vulnerability.
Vulnerability Spotlight: TALOS-2018-0560 - ERPNext SQL Injection Vulnerabilities
Smoking Guns - Smoke Loader learned new tricks
Smoke Loader is primarily used as a downloader to drop and execute additional malware like ransomware or cryptocurrency miners.
Vulnerability Spotlight: TALOS-2018-0523-24 - Multiple Vulnerabilities in Pixar's Renderman application
Vulnerabilities discovered by Tyler Bohan from Talos. Overview: Talos is disclosing two denial-of-service vulnerabilities in Pixar’s Renderman application. Renderman is a rendering application used in animation and film production. It is widely used for advanced rendering and sha
Vulnerability Spotlight: TALOS-2018-0545 - Microsoft wimgapi LoadIntegrityInfo Code Execution Vulnerability
Vulnerabilities discovered by Marcin Noga from Talos. Overview: Talos is disclosing a remote code execution vulnerability in the Microsoft wimgapi library. The wimgapi DLL is used in the Microsoft Windows operating system to perform operations on Windows Imaging Format (WIM)
Vulnerability Spotlight: TALOS-2018-0535 - Ocularis Recorder VMS_VA Denial of Service Vulnerability
Vulnerabilities discovered by Carlos Pacho from Talos. Overview: Talos is disclosing a denial-of-service vulnerability in the Ocularis Recorder. Ocularis is a video management software (VMS) platform used in a variety of settings, from convenience stores, to city-wide deployments
Vulnerability Spotlight: TALOS-2018-0529-531 - Multiple Vulnerabilities in NASA CFITSIO library
Talos is disclosing three remote code execution vulnerabilities in the NASA CFITSIO library. CFITSIO is a library of C and Fortran subroutines for reading and writing data files in the Flexible Image Transport System (FITS) data format. FITS is a standard format endorsed by both