Case Study: Catching threats ahead of time with a penetration test from the Cisco Talos Incident Response Red Team
By Brad Garnett, Miguel Alvarez Esmoris, Terryn Valikodath and Bob Doyle. As we mentioned in a previous case study, relationships are tried and tested during incident response. So, when a customer came to Cisco Talos Incident Response with concerns about their public-facing webs
An Azure Sphere kernel exploit — or how I learned to stop worrying and love the IoT
By Claudio Bozzato and Lilith [^.^];. As part of our continued research into Microsoft Azure Sphere, there are two vulnerabilities we discovered that we feel are particularly dangerous. For a full rundown of the 31 vulnerabilities we’ve discovered over the past year, check out o
Talos Takes Ep. #78: Attackers would love to buy you a non-existent PS5 this holiday season
By Jon Munshaw. The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. We know this episode comes around every year, but people keep falling for scams, so we have to remind p
A review of Azure Sphere vulnerabilities: Unsigned code execs, kernel bugs, escalation chains and firmware downgrades
Summary of all the vulnerabilities reported by Cisco Talos in Microsoft Azure Sphere By Claudio Bozzato and Lilith [>_>]. In May 2020, Microsoft kicked off the Azure Sphere Security Research Challenge, a three-month initiative aimed at finding bugs in Azure Sphere. In
Vulnerability Spotlight: Multiple vulnerabilities in Advantech R-SeeNet
Yuri Kramarz discovered these vulnerabilities. Cisco Talos recently discovered multiple vulnerabilities in the Advantech R-SeeNet monitoring software. R-SeeNet is the software system used for monitoring Advantech routers. It continuously collects information from individual rou
Vulnerability Spotlight: PHP deserialize vulnerability in CloudLinux Imunity360 could lead to arbitrary code execution
Marcin “Icewall” Noga of Cisco Talos. Cisco Talos recently discovered a vulnerability in the Ai-Bolit functionality of CloudLinux Inc Imunify360 that could lead to arbitrary code execution. Imunify360 is a security platform for web-hosting servers that allows users to configure
Talos Takes Ep. #77: How to connect to (and safely use) public WiFi
The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. Whenever we walk into a bar or restaurant, it's almost a given that we're going to ask the bartender or server:
Threat Source Newsletter (Nov. 18, 2021)
Good afternoon, Talos readers. This is our last newsletter before Thanksgiving in the U.S. next week, so now's as good of a time as any to remind you: If a deal seems too good to be true, it probably is. To prep online shoppers for the upcoming Cyber Monday and Black Friday
Vulnerability Spotlight: Multiple code execution vulnerabilities in LibreCAD
Lilith >_> of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered three vulnerabilities in LibreCAD’s libdfxfw open-source library. This library reads and writes .dxf and .dwg files — the primary file format for vector graphics in CAD software. Libr