Threat Source newsletter for June 4, 2020
Our social media content and promotion are on pause this week as there are more important issues being discussed and other voices that need to be heard. However, we still wanted to provide users with the latest IOCs and threats we’re seeing. Upcoming public engagements Event:
Vulnerability Spotlight: Two vulnerabilities in Zoom could lead to code execution
A member of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered two vulnerabilities in the popular Zoom video chatting application that could allow a malicious user to execute arbitrary code on victims’ machines. Video conferencing software has skyrockete
Vulnerability Spotlight: VMware Workstation 15 denial-of-service vulnerability
Piotr Bania of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered a denial-of-service vulnerability in VMware Workstation 15. VMware allows users to set up virtual machines and operate various operating systems outside of the ones de
Threat Source newsletter for May 28, 2020
Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. We need to start things off by wishing a Happy Birthday to Beers with Talos! The first episode was released on May 12, 2017. To celebrate, we have a new e
Threat Source newsletter for May 21, 2020
Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. Beers with Talos chugs on during quarantine with the latest episode of “The In-Between.” Once again, the hosts talk about everything but security, answeri
Vulnerability Spotlight: Authentication bypass vulnerability in some Epson projectors
Yuri Kramarz of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. The Epson EB-1470UI Projector contains an authentication bypass vulnerability in its web control functionality. This projector allows users to control it over the web. However, an adversary could tri
Vulnerability Spotlight: Multiple vulnerabilities in Nitro Pro PDF reader
Aleksandar Nikolic and Cory Duplantis of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered two code execution vulnerabilities and an information disclosure flaw in Nitro Pro PDF reader. Nitro PDF allows users to save, read, sign a
Threat Source newsletter for May 14, 2020
Newsletter compiled by Jon Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. Our main focus this week is on Astaroth. This is a malware family that has been targeting Brazil with a variety of l
Vulnerability Spotlight: Code execution vulnerability in Microsoft Excel
Cisco Talos recently discovered a code execution vulnerability in some versions of Microsoft Excel. An attacker could exploit this vulnerability by tricking the victim into opening a specially crafted Excel file, triggering a use-after-free condition and allowing them to execute