Vulnerability Spotlight: Code execution vulnerability in Mozilla Firefox
Marcin “Icewall” Noga of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered a use-after-free vulnerability in Mozilla Firefox that could lead to code execution. Firefox is a widely used web browser available on many operating systems. This specific vulne
Talos Takes Ep: #63: Shield your eyes from the Solarmarker
The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. Andrew Windsor has been following the Solarmarker threat for months. But it really started to catch his eye when he spot
Threat Source newsletter (Aug. 5, 2021)
Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. We hope everyone is enjoying BlackHat and/or DEFCON this week, regardless of if you're attending virtually or in person. In case you missed any of our talks from BlackHat, you can check them out here, along
Vulnerability Spotlight: Use-after-free vulnerability in tinyobjloader
Lilith >_> of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered that a specific function of tinyobjloader does not properly validate array indexes. An adversary could trick a user into opening a specially crafted file, causing an index out-of-bound
Updates to the Cisco Talos Email Status Portal
Cisco Talos is rolling out several changes to the Email Status Portal that adds new features and makes the Portal even easier to use. The Talos Email Status Portal allows users to view mail samples submitted and their statuses, analyze graphical displays of submission metrics, a
Threat Source newsletter (July 29, 2021)
Good afternoon, Talos readers. Thanks to everyone who joined us live yesterday for our talk on business email compromise. If you missed us live, the recording is up on our YouTube page now. Nick Biasini from Talos Outreach provided some great advice on avoiding business email co
Vulnerability Spotlight: Use-after-free vulnerabilities in Foxit PDF Reader
Aleksandar Nikolic of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered multiple use-after-free vulnerabilities in the Foxit PDF Reader. Foxit PDF Reader is one of the most popular PDF document readers currently available. As a comp
Vulnerability Spotlight: Unsafe deserialization vulnerabilities in CODESYS Development System
Patrick DeSantis discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered multiple vulnerabilities in the CODESYS Development System. The CODESYS Development System is the IEC 61131-3 programming tool for industrial control and automation technolog
Talos Takes Ep: #62: Don't sleep on business email compromise
The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. Business email compromise may seem like last decade’s threat, but it’s still just as prevalent as ever. A recent FBI rep