Vulnerability Spotlight: Vulnerability in Hancom Office could lead to memory corruption, code execution
Marcin “Icewall” Noga of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered a vulnerability in Hancom Office — a popular software suite in South Korea — that could allow an attacker to corrupt memory on the targeted machine or execute remote code. Han
Vulnerability Spotlight: Vulnerabilities in Moxa MXView could allow attacker to view sensitive information, bypass login
Patrick DeSantis of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered two vulnerabilities in Moxa's MXview network management software that could allow an attacker to view sensitive data or bypass the need to log into the device. MXview is design
Microsoft Patch Tuesday for Feb. 2022 — Snort rules and prominent vulnerabilities
Microsoft released its monthly security update Tuesday, disclosing 51 vulnerabilities across its large collection of hardware and software. None of the vulnerabilities disclosed this month are considered “critical,” an extreme rarity for the company’s Patch Tuesdays. Additionall
Vulnerability Spotlight: Use-after-free in Google Chrome could lead to code execution
Marcin Towalski of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered an exploitable use-after-free vulnerability in Google Chrome. Google Chrome is a cross-platform web browser — and Chromium is the open-source version of the browser that other software
Vulnerability Spotlight: Multiple vulnerabilities in Sealevel SeaConnect
Francesco Benvenuto and Matt Wiseman of Cisco Talos discovered these vulnerabilities. Update (Feb. 16, 2022): We are also disclosing a vulnerability in the Texas Instruments CC3200 SimpleLink microcontroller that is related to the SeaConnect vulnerabilities outlined in this post
Vulnerability Spotlight: Memory corruption and use-after-free vulnerabilities in Foxit PDF Reader
Aleksandar Nikolic of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered a memory corruption and use-after-free vulnerability in the Foxit PDF Reader. Foxit PDF Reader is one of the most popular PDF document readers currently avai
Threat Source Newsletter (Jan. 27, 2022)
Good afternoon, Talos readers. It's great to have New Year's resolutions and all. But we don't want you taking the wrong lessons away from 2021, either. Like just because Log4j happened doesn't mean you should stop logging or stop using open-source software. The
Vulnerability Spotlight: WiFi-connected security camera could be manipulated to spy on communications, among other malicious actions
Francesco Benvenuto of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered several vulnerabilities in the Reolink RLC-410W security camera that could allow an attacker to perform several malicious actions, including performing man-in-the-middle attacks,
Vulnerability Spotlight: Vulnerability in Apple iOS, iPad OS and MacOS could lead to disclosure of sensitive memory data
Jaewon Min of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered an out-of-bounds read vulnerability in Apple’s macOS and iOS operating systems that could lead to the disclosure of sensitive memory content. An attacker could capitalize on that informat