Microsoft Patch Tuesday — May 2020: Vulnerability disclosures and Snort coverage
By Jon Munshaw. Microsoft released its monthly security update today, disclosing vulnerabilities across many of its products and releasing corresponding updates. This month's Patch Tuesday covers 111 vulnerabilities. Fifteen of the flaws Microsoft disclosed are considered cr
Vulnerability Spotlight: Remote code execution vulnerabilities in Adobe Acrobat Reader
Cisco Talos recently discovered two remote code execution vulnerabilities in Adobe Acrobat Reader. Acrobat supports a number of features, including the ability to process embedded JavaScript. These flaws specifically exist in the way the software handles the destruction of annota
Threat Source newsletter for May 7, 2020
Newsletter compiled by Jon Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. With all of us working from home, Beers with Talos episodes are coming out faster than ever. This week, we have an a
Vulnerability Spotlight: Code execution vulnerability in 3S CODESYS
Carl Hurd of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered an exploitable code execution vulnerability in 3S’ CODESYS Control SoftPLC runtime system. The system allows any embedded or PC device to convert into an IEC 61131-3-
Vulnerability Spotlight: Multiple code execution vulnerabilities in Accusoft ImageGear
Emmanuel Tacheau of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered four code execution vulnerabilities in Accusoft ImageGear. The ImageGear library is a document-imaging developer toolkit to assist users with image conversion,
Threat Source newsletter for April 30, 2020
Newsletter compiled by Jon Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. Our newest research post focuses on the Aggah campaign. Threat actors are pushing Aggah to victims via malicious Mic
Threat Source newsletter for April 23, 2020
Newsletter compiled by Jon Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. There’s a new Beers with Talos podcast out now. And guess what? They actually talk about security this time! The guy
Talos Incident Response announces new, lower price through July 25
Today’s world looks very different than three months ago. More people work remotely than ever before. IT teams work around the clock to expand capacity and new software and services are being deployed to handle the load. Within this new remote environment, we have seen new malwar
Threat Source newsletter for April 16, 2020
Newsletter compiled by Jon Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. It’s what — week 5 of this quarantine in the U.S.? Week 6? We’ve lost count. And so did the Beers with Talos guys. B