Microsoft Patch Tuesday for Nov. 2020 — Snort rules and prominent vulnerabilities
By Jon Munshaw, with contributions from Joe Marshall. Microsoft released its monthly security update Tuesday, disclosing just over 110 vulnerabilities across its products. This is a slight jump from last month when Microsoft disclosed one of their lowest vulnerability totals in
What to expect when you’re electing: A recap
We’re roughly two weeks out from Election Day in America, although millions of early and mail-in votes have already been cast. In the coming days, there’s sure to be a flurry of news stories about disinformation, allegations of voter fraud, the back-and-forth between parties and
Vulnerability Spotlight: Code execution vulnerability in Google Chrome WebGL
Marcin Towalski of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. The Google Chrome web browser contains a vulnerability that could be exploited by an adversary to gain the ability to execute code on the victim machine. Chrome is one of the most popular web brow
Threat Source newsletter (Oct. 15, 2020)
Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. In our latest entry into our election security series, we’re turning our attention to the professionals who are responsible for securing our elections. After months of research, we’ve compiled a series of rec
What to expect when you're electing: How election officials can counter disinformation
By Matthew Olney and the communications and public relations professionals at Cisco. Editor's Note: For more on this topic, sign up for a Cisco Duo webinar on election security on Oct. 15 at 1 p.m. ET here. In our work with our partners in the election security space, the m
Vulnerability Spotlight: Code execution, information disclosure vulnerabilities in F2FS toolset
Vulnerabilities discovered by a Cisco Talos researcher. Blog by Jon Munshaw. Cisco Talos recently discovered multiple code execution and information disclosure vulnerabilities in various functions of the F2FS toolset. F2FS is a filesystem toolset commonly found in embedded devic
Vulnerability Spotlight: Denial of service in AMD ATIKMDAG.SYS driver
Piotr Bania of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw.Cisco Talos recently discovered a denial-of-service vulnerability in the ATIKMDAG.SYS driver for some AMD graphics cards. An attacker could send the victim a specially crafted D3DKMTCreateAllocation API
Microsoft Patch Tuesday for Oct. 2020 — Snort rules and prominent vulnerabilities
By Jon Munshaw, with contributions from Alex McDonnell and Nick Biasini. Microsoft released its monthly security update Tuesday, disclosing just under 100 vulnerabilities across its array of products. Fourteen of the vulnerabilities are considered “critical" while the vast
Vulnerability Spotlight: Information leak vulnerability in Google Chrome WebGL
Marcin Towalski of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. The Google Chrome web browser contains a vulnerability that could be exploited by an adversary to carry out a range of malicious actions. Chrome is one of the most popular web browsers currently a