Cisco Talos Blog

September 24, 2020 14:00

Threat Source newsletter for Sept. 24, 2020

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. After months (years?) in beta, an official release candidate is out now for Snort 3. Stay tuned for an officially official release in about a month. In other Snort rules, we also have a deep dive into our detec

September 21, 2020 00:01

New Snort, ClamAV coverage strikes back against Cobalt Strike

By Nick Mavis. Editing by Joe Marshall and Jon Munshaw. Cisco Talos is releasing a new research paper called “The Art and Science of Detecting Cobalt Strike.” We recently released a more granular set of updated SNORT® and ClamAV® detection signatures to detect attempted obfusca

September 17, 2020 14:00

Threat Source newsletter for Sept. 17, 2020

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. We’ve got a couple of vulnerabilities you should know about. Monday, we disclosed a bug in Google Chrome’s PDFium feature that opens the door for an adversary to execute remote code. Our researchers also discov

September 17, 2020 10:21

Vulnerability Spotlight: Remote code execution vulnerability Apple Safari

Marcin "Icewall" Noga of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. The Apple Safari web browser contains a remote code execution vulnerability in its WebKit feature. Specifically, an attacker could trigger a use-after-free condition in WebCore, th

September 15, 2020 13:30

Vulnerability Spotlight: Multiple vulnerabilities in Nitro Pro PDF reader

Cisco Talos researchers discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered multiple code execution vulnerabilities in the Nitro Pro PDF reader. Nitro PDF allows users to save, read, sign and edit PDFs on their computers. The software contains

September 14, 2020 13:37

Vulnerability Spotlight: Memory corruption in Google PDFium

Aleksandar Nikolic of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Google Chrome's PDFium feature could be exploited by an adversary to corrupt memory and potentially execute remote code. Chrome is a popular, free web browser available on all operating

September 10, 2020 14:00

Threat Source newsletter for Sept. 10, 2020

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. In our continued research on election security, we have a new video roundtable discussion up on our YouTube page. In this Q&A-style format, I ask our researchers questions about the work they’ve done researc

September 9, 2020 10:30

Roundtable video: Disinformation and election security

By Jon Munshaw. In our continued coverage of election security, we decided to sit down with four Talos and Cisco researchers to discuss disinformation. As we outlined in our recent research paper, disinformation is one of the cornerstones of threat actors' efforts to disrup

September 8, 2020 16:27

Microsoft Patch Tuesday for Sept. 2020 — Snort rules and prominent vulnerabilities

By Jon Munshaw. Microsoft released its monthly security update Tuesday, disclosing more than 120 vulnerabilities across its array of products. Twenty-three of the vulnerabilities are considered “critical” while the vast remainder are ranked as “important.” Users of all Mic