Microsoft Patch Tuesday for Oct. 2020 — Snort rules and prominent vulnerabilities
By Jon Munshaw, with contributions from Alex McDonnell and Nick Biasini. Microsoft released its monthly security update Tuesday, disclosing just under 100 vulnerabilities across its array of products. Fourteen of the vulnerabilities are considered “critical" while the vast
Vulnerability Spotlight: Information leak vulnerability in Google Chrome WebGL
Marcin Towalski of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. The Google Chrome web browser contains a vulnerability that could be exploited by an adversary to carry out a range of malicious actions. Chrome is one of the most popular web browsers currently a
Vulnerability Spotlight: Denial-of-service vulnerabilities in Allen-Bradley Flex I/O
Jared Rittle of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. The Allen-Bradley Flex input/output system contains multiple denial-of-service vulnerabilities in its ENIP request path data segment. These bugs exist specifically in the 1794-AENT FLEX I/O modula
Threat Source newsletter for Oct. 8, 2020
Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. We’ve been writing and talking about election security a ton lately. And as the U.S. presidential election draws closer, we decided it was time to summarize some things. So, we released this blog post with our f
Vulnerability Spotlight: DoS vulnerability in ATIKMDAG.SYS AMD graphics driver
Piotr Bania of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw.Cisco Talos recently discovered a denial-of-service vulnerability in the ATIKMDAG.SYS driver for some AMD graphics cards. An attacker could send the victim a specially crafted D3DKMTCreateAllocation API
What to expect when you’re electing: Voter recommendations
By Amy Henderson. Information operations have been around for millennia, yet with the advent of the internet and the democratization of content creation, the barriers to entry have lowered to a point that anyone can play now. In the course of our latest research on disinformati
Threat Source newsletter for Oct. 1, 2020
Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. In the past, we’ve covered what disinformation (otherwise known as “fake news”) is and who spreads it. Now, we’re diving into why it works, and why it’s so easy for people to spread. Check out our full paper her
What to expect when you're electing: Information hygiene and the human levers of disinformation
Editor's note: Related reading on Talos election security research: /what-to-expect-when-youre-electing /election-roundtable-video /what-to-expect-electing-disinformation-building-blocks By Azim Khodjibaev and Ryan Pentney. As Cisco Talos researchers outlined in a paper
Vulnerability Spotlight: Remote code execution bugs in NVIDIA D3D10 driver
Piotr Bania of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered multiple remote code execution vulnerabilities in the NVIDIA D3D10 driver. This driver supports multiple GPUs that NVIDIA produces. An adversary could exploit these vul