Vulnerability Spotlight: Vulnerabilities in DaVinci Resolve video editing software could lead to code execution
Cisco Talos recently discovered two vulnerabilities in the DaVinci Resolve video editing software that could allow an adversary to execute code in the context of the application. DaVinci Resolve is a non-linear video editing application from Blackmagic Software that is available
Talos Takes Ep. #80: I'll have a blue Christmas without a CTIR retainer
The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. It's the holiday season, which means last-minute shopping, family time and cheer. Oh, and it's never a bad time
Threat Source Newsletter (Dec. 16, 2021)
Good afternoon, Talos readers. I'm just going to cut to the chase since I know all anyone wants to read about is Log4J. For the latest Talos research, continually check back on our blog post here. Above is the live stream we recorded Monday morning updating everyone on the s
Threat Source Newsletter (Dec. 9, 2021)
Good afternoon, Talos readers. The good news keeps rolling in for our Incident Response team, who received another accolade by being featured in Forrester's recent quarterly report on the incident readiness industry. This comes on the heels of the team also being named a lea
Talos Takes Ep. #79: Emotet's back with the worst type of holiday present
The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. Emotet is back, and it brought the worst possible holiday present (just in time for peak spam season, too!). We recently
Threat Source Newsletter (Dec. 2, 2021)
Good afternoon, Talos readers. The Thanksgiving holiday in the U.S. didn't slow us down at all, even though we were all still trying to sleep off the food coma from the long weekend. But we came back this week with lots of fun content. Cisco received an early Christmas pres
Vulnerability Spotlight: Use-after-free condition in Google Chrome could lead to code execution
Marcin Towalski of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered an exploitable use-after-free vulnerability in Google Chrome. Google Chrome is a cross-platform web browser — and Chromium is the open-source version of the browser that other software
Case Study: Catching threats ahead of time with a penetration test from the Cisco Talos Incident Response Red Team
By Brad Garnett, Miguel Alvarez Esmoris, Terryn Valikodath and Bob Doyle. As we mentioned in a previous case study, relationships are tried and tested during incident response. So, when a customer came to Cisco Talos Incident Response with concerns about their public-facing webs
An Azure Sphere kernel exploit — or how I learned to stop worrying and love the IoT
By Claudio Bozzato and Lilith [^.^];. As part of our continued research into Microsoft Azure Sphere, there are two vulnerabilities we discovered that we feel are particularly dangerous. For a full rundown of the 31 vulnerabilities we’ve discovered over the past year, check out o