Vulnerability Spotlight: Multiple vulnerabilities in Pixar OpenUSD affects some versions of macOS
Aleksandar Nikolic of Cisco Talos discovered these vulnerabilities. Blog by Aleksandar Nikolic and Jon Munshaw. Pixar OpenUSD contains multiple vulnerabilities that attackers could exploit to carry out a variety of malicious actions. OpenUSD stands for “Open Universal Scene Des
Threat Source newsletter (Nov. 12, 2020)
Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. We’re back after a few-week hiatus! And to celebrate, we just dropped some new research on the CRAT trojan that’s bringing some ransomware friends along with it. This blog post has all the details of this threat
Microsoft Patch Tuesday for Nov. 2020 — Snort rules and prominent vulnerabilities
By Jon Munshaw, with contributions from Joe Marshall. Microsoft released its monthly security update Tuesday, disclosing just over 110 vulnerabilities across its products. This is a slight jump from last month when Microsoft disclosed one of their lowest vulnerability totals in
What to expect when you’re electing: A recap
We’re roughly two weeks out from Election Day in America, although millions of early and mail-in votes have already been cast. In the coming days, there’s sure to be a flurry of news stories about disinformation, allegations of voter fraud, the back-and-forth between parties and
Vulnerability Spotlight: Code execution vulnerability in Google Chrome WebGL
Marcin Towalski of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. The Google Chrome web browser contains a vulnerability that could be exploited by an adversary to gain the ability to execute code on the victim machine. Chrome is one of the most popular web brow
Threat Source newsletter (Oct. 15, 2020)
Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. In our latest entry into our election security series, we’re turning our attention to the professionals who are responsible for securing our elections. After months of research, we’ve compiled a series of rec
What to expect when you're electing: How election officials can counter disinformation
By Matthew Olney and the communications and public relations professionals at Cisco. Editor's Note: For more on this topic, sign up for a Cisco Duo webinar on election security on Oct. 15 at 1 p.m. ET here. In our work with our partners in the election security space, the m
Vulnerability Spotlight: Code execution, information disclosure vulnerabilities in F2FS toolset
Vulnerabilities discovered by a Cisco Talos researcher. Blog by Jon Munshaw. Cisco Talos recently discovered multiple code execution and information disclosure vulnerabilities in various functions of the F2FS toolset. F2FS is a filesystem toolset commonly found in embedded devic
Vulnerability Spotlight: Denial of service in AMD ATIKMDAG.SYS driver
Piotr Bania of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw.Cisco Talos recently discovered a denial-of-service vulnerability in the ATIKMDAG.SYS driver for some AMD graphics cards. An attacker could send the victim a specially crafted D3DKMTCreateAllocation API