Microsoft Patch Tuesday for Feb. 2022 — Snort rules and prominent vulnerabilities
Microsoft released its monthly security update Tuesday, disclosing 51 vulnerabilities across its large collection of hardware and software. None of the vulnerabilities disclosed this month are considered “critical,” an extreme rarity for the company’s Patch Tuesdays. Additionall
Vulnerability Spotlight: Use-after-free in Google Chrome could lead to code execution
Marcin Towalski of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered an exploitable use-after-free vulnerability in Google Chrome. Google Chrome is a cross-platform web browser — and Chromium is the open-source version of the browser that other software
Vulnerability Spotlight: Multiple vulnerabilities in Sealevel SeaConnect
Francesco Benvenuto and Matt Wiseman of Cisco Talos discovered these vulnerabilities. Update (Feb. 16, 2022): We are also disclosing a vulnerability in the Texas Instruments CC3200 SimpleLink microcontroller that is related to the SeaConnect vulnerabilities outlined in this post
Vulnerability Spotlight: Memory corruption and use-after-free vulnerabilities in Foxit PDF Reader
Aleksandar Nikolic of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered a memory corruption and use-after-free vulnerability in the Foxit PDF Reader. Foxit PDF Reader is one of the most popular PDF document readers currently avai
Threat Source Newsletter (Jan. 27, 2022)
Good afternoon, Talos readers. It's great to have New Year's resolutions and all. But we don't want you taking the wrong lessons away from 2021, either. Like just because Log4j happened doesn't mean you should stop logging or stop using open-source software. The
Vulnerability Spotlight: WiFi-connected security camera could be manipulated to spy on communications, among other malicious actions
Francesco Benvenuto of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered several vulnerabilities in the Reolink RLC-410W security camera that could allow an attacker to perform several malicious actions, including performing man-in-the-middle attacks,
Vulnerability Spotlight: Vulnerability in Apple iOS, iPad OS and MacOS could lead to disclosure of sensitive memory data
Jaewon Min of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered an out-of-bounds read vulnerability in Apple’s macOS and iOS operating systems that could lead to the disclosure of sensitive memory content. An attacker could capitalize on that informat
Talos Incident Response year-in-review for 2021
Cisco Talos Incident Response (CTIR), as with everyone else in the cybersecurity world, dealt with a bevy of threats last year, as responders dealt with an expanding set of ransomware adversaries and several major cybersecurity incidents affecting organizations worldwide, all und
Threat Source Newsletter (Jan. 20, 2022)
Good afternoon, Talos readers. Even though we're nearly a month into 2022, we're still not quite ready to move on from 2021. That's why next week, we'll be going live on social media to talk about some of the top cybersecurity stories from the past year. Liz Wad