Vulnerability Spotlight: Password reset vulnerability in Epignosis eFront
Richard Dean, CX security advisory, EMEAR, discovered this vulnerability. Blog by Jon Munshaw. Epignosis eFront contains a vulnerability that could allow an adversary to reset the password of any account of their choosing. eFront is a learning management system platform that all
Vulnerability Spotlight: Memory corruption vulnerability in Accusoft ImageGear
Emmanuel Tacheau discovered this vulnerability. Blog by Jon Munshaw. Accusoft ImageGear contains a vulnerability that could allow an attacker to corrupt the software's memory, potentially allowing them to execute arbitrary code on the victim machine. The ImageGear library is
Talos Takes Ep. #42: Seriously folks, save your logs
The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. When Pierre Cadieux steps into a Cisco Talos Incident Response engagement, the first thing he wants to do is check out t
Threat Source newsletter (Feb. 25, 2021)
Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. We all think of APTs as these wide-reaching, silent threat groups who are backed by a nation-state. But our recent research into Gamaredon shows that not all APTs are created equal. We’ve spotted this actor car
Vulnerability Spotlight: Out-of-bounds read vulnerability in Slic3r could lead to information disclosure
Lilith >_> of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered an out-of-bounds read vulnerability in Slic3r's library. Slic3r is an open-source 3-D printing toolbox, mainly utilized for translating assorted 3-D printing m
Threat Source newsletter (Feb. 18, 2021)
Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. Whether you want to read Talos’ research or listen to it, we’ve got plenty of options for you this week. Beers with Talos hit its 100th episode last week. To celebrate, we brought Nigel back out of retirement t
Vulnerability Spotlight: Two vulnerabilities in Advantech WebAccess/SCADA
Yuri Kramarz of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered two vulnerabilities in the Advantech WebAccess/SCADA software package. An adversary could exploit each of these vulnerabilities to disclose sensitive information and e
Talos Takes Ep. #41: The tl;dr of Snort 3
The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. This week's episode is for all our SNORTⓇ lovers out there. To celebrate last month's release of the Snort 3 GA,
Threat Source newsletter (Feb. 11, 2021)
Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. We have an update on LodaRAT, a trojan we’ve been following for years. This threat has a new version targeting Android devices, looking to infect devices and steal user’s credentials and monitor things like thei