Cisco Talos Blog

May 29, 2024 12:07

Out-of-bounds reads in Adobe Acrobat; Foxit PDF Reader contains vulnerability that could lead to SYSTEM-level privileges

Acrobat, one of the most popular PDF readers currently available, contains two out-of-bounds read vulnerabilities that could lead to the exposure of sensitive contents of arbitrary memory in the application.

May 23, 2024 14:00

Apple and Google are taking steps to curb the abuse of location-tracking devices — but what about others?

Plus, SS7 vulnerabilities are being exploited and BreachForums is taken down again.

May 16, 2024 14:00

Rounding up some of the major headlines from RSA

Here’s a rundown of some things you may have missed if you weren’t able to stay on top of the things coming out of the conference.

May 14, 2024 13:57

Only one critical vulnerability included in May’s Microsoft Patch Tuesday; One other zero-day in DWN Core

The lone critical security issue is CVE-2024-30044, a remote code execution vulnerability in SharePoint Server.

May 9, 2024 14:00

A new alert system from CISA seems to be effective — now we just need companies to sign up

Under a pilot program, CISA has sent out more than 2,000 alerts to registered organizations regarding the existence of any unpatched vulnerabilities in CISA’s KEV catalog.

May 8, 2024 12:00

Talos discloses multiple zero-day vulnerabilities, two of which could lead to code execution

Two vulnerabilities in this group — one in the Tinyroxy HTTP proxy daemon and another in the stb_vorbis.c file library — could lead to arbitrary code execution, earning both issues a CVSS score of 9.8 out of 10.

May 2, 2024 14:00

What can we learn from the passwords used in brute-force attacks?

There are some classics on this list — the ever-present “Password” password, Passw0rd (with a zero, not an “O”) and “123456.”

May 1, 2024 12:00

Vulnerabilities in employee management system could lead to remote code execution, login credential theft

Talos also recently helped to responsibly disclose and patch other vulnerabilities in the Foxit PDF Reader and two open-source libraries that support the processing and handling of DICOM files.

April 29, 2024 08:00

James Nutland studies what makes threat actors tick, growing our understanding of the current APT landscape

Nutland says he goes into every engagement or new project with a completely open mind and a blank slate — using his background investigating terror operations to find out as much as he can about a particular adversary’s operation.