Cisco Talos Blog

January 5, 2021 13:35

Vulnerability Spotlight: Multiple vulnerabilities in SoftMaker Office TextMaker

A Cisco Talos team member discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered multiple vulnerabilities in SoftMaker's TextMaker software. A user could trigger these vulnerabilities by opening an attacker-created, malicious document. An adve

January 5, 2021 12:22

Vulnerability Spotlight: Multiple vulnerabilities in Genivia gSOAP

A Cisco Talos team member discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered multiple vulnerabilities in various Genivia gSOAP toolkit plugins. These vulnerabilities could allow an attacker to carry out a variety of malicious activities, inclu

December 21, 2020 17:38

2020: The year in malware

By Jon Munshaw. Nothing was normal in 2020. Our ideas of working from offices, in-person meetings, hands-on learning and basically everything else were thrown into disarray early in the year. Since then, we defenders have had to adapt. But so have workers around the globe, and th

December 17, 2020 14:00

Threat Source newsletter (Dec. 17, 2020)

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. This will be our last Threat Source newsletter of the year. We’ll be on a few-week break for the holidays until Jan. 7. Of course, all anyone wants to talk about this week is the SolarWinds supply chain attack.

December 16, 2020 09:21

Vulnerability Spotlight: Multiple vulnerabilities in NZXT computer monitoring software

Carl Hurd of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. NZXT’s CAM computer monitoring software contains multiple vulnerabilities an attacker could use to carry out a range of malicious actions. CAM provides users information on their machines, such as fan s

December 16, 2020 09:11

Vulnerability Spotlight: Two vulnerabilities in Lantronix XPort EDGE

Kelly Leuschner of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Executive summary Cisco Talos recently discovered two vulnerabilities in the Web Manager functionality of Lantronix XPort EDGE. The XPort EDGE is a next-generation wired Ethernet gateway for

December 10, 2020 14:00

Threat Source newsletter (Dec. 10, 2020)

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. Cyber security firm FireEye recently disclosed an incident that was reported to have resulted in the inadvertent disclosure of various internally developed offensive security tools (OSTs) that were used across F

December 9, 2020 11:31

Vulnerability Spotlight: Multiple vulnerabilities in Foxit PDF Reader JavaScript engine

Aleksandar Nikolic of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Executive summary Cisco Talos recently discovered multiple vulnerabilities in Foxit PDF Reader’s JavaScript engine. Foxit PDF Reader is a commonly used PDF reader that contains many featur

December 9, 2020 09:32

Quarterly Report: Incident Response trends from Fall 2020

By David Liebenberg and Caitlin Huey. For the sixth quarter in a row, Cisco Talos Incident Response (CTIR) observed ransomware dominating the threat landscape. However, for the first quarter since we began compiling these reports, no engagements that were closed out involved the