Vulnerability Spotlight: Denial-of-service vulnerabilities in Micrium uc-HTTP’s HTTP server
Kelly Leuschner of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered two vulnerabilities in Micrium uc-HTTP’s HTTP server that could cause denial-of-service conditions. An attacker could trigger these vulnerabilities by targeting
Talos Takes Ep. #37: What's with all this talk about supply chain attacks?
The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. The major SolarWinds campaign has been generating headlines for weeks now. And while its specific targets make this atta
Threat Source newsletter (Jan. 21, 2021)
Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. We know it’s hard to focus on anything happening outside of Washington, D.C. this week. But we would be remiss if we didn’t mention the exciting news that the Snort 3 GA is officially out now! This update has be
Vulnerability Spotlight: Multiple vulnerabilities in PrusaSlicer
Lilith >_> of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered two out-of-bounds write vulnerabilities in Prusa Research’s PrusaSlicer. Prusa Slicer is an open-source 3-D printer slicing program forked off Slic3r that can c
Threat Source newsletter (Jan. 14, 2021)
Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. Microsoft released its monthly security update this week, disclosing 83 vulnerabilities across its suite of products to kickoff 2021. Our blog post has the most important vulnerabilities you need to know about,
Microsoft Patch Tuesday for Jan. 2021 — Snort rules and prominent vulnerabilities
By Jon Munshaw, with contributions from Asheer Malhotra. Microsoft released its monthly security update Tuesday, disclosing 83 vulnerabilities across its suite of products to kick-off 2021. There are only 10 critical vulnerabilities as part of this release, while there are two
Changes to Cisco Talos’ Content and Threat Category lists
Cisco Talos is happy to announce the upcoming changes to our Content and Threat Category lists. Our goal is to provide you with sufficient intelligence details to allow you to make informed decisions to protect your network without disrupting your organization’s productivity. The
Threat Source newsletter (Jan. 7, 2021)
Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers and welcome to the first Threat Source newsletter of 2021. We hit the ground running already this year with a new Beers with Talos episode. It was recorded back in 2020, but the lessons regarding ransomware attac
Vulnerability Spotlight: Denial-of-service vulnerability in Rockwell Automation RSLinx
Alexander Perez-Palma of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered a denial-of-service vulnerability in the Ethernet/IP server functionality of Rockwell Automation RSLinx Classic. An attacker could exploit this vulnerability