Vulnerability Spotlight: Information disclosure vulnerability in Microsoft Media Foundation
Marcin “Icewall” Noga of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Microsoft Media Foundation contains an information disclosure vulnerability that could allow an attacker to eventually remotely execute code on the victim machine. Media Foundation is a COM-
Microsoft Patch Tuesday — April 2020: Vulnerability disclosures and Snort coverage
By Jon Munshaw. Microsoft released its monthly security update today, disclosing vulnerabilities across many of its products and releasing corresponding updates. This month's Patch Tuesday covers 115 vulnerabilities. Nineteen of the flaws Microsoft disclosed are considered c
Quarterly Report: Incident Response trends in Spring 2020
By David Liebenberg. Cisco Talos Incident Response (CTIR) engagements continue to be dominated by ransomware and commodity trojans. As alluded to in last quarter’s report, ransomware actors have begun threatening to release sensitive information from victims as a means of further
Threat Source newsletter for April 9, 2020
Newsletter compiled by Jon Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. Nearly all devices have some sort of fingerprint scanner now, used to log users in. But these scanners prevent their
Threat Source newsletter (April 2, 2020)
Newsletter compiled by Jon Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. As long as COVID-19 is in the headlines (which is going to be a long time) actors are going to try and capitalize. W
Threat Source newsletter (March 26, 2020)
Newsletter compiled by Jon Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. Just because we’re all still working from home doesn’t mean you can stop patching. We’ve been busy this week with a
Vulnerability Spotlight: Intel Raid Web Console 3 denial-of-service bugs
Geoff Serrao of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered two denial-of-service vulnerabilities in the web API functionality of Intel RAID Web Console 3. The Raid Web Console is a web-based application that provides severa
Vulnerability Spotlight: Multiple vulnerabilities in Videolabs libmicrodns
Claudio Bozzato of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. A specific library in the Videolabs family of software contains multiple vulnerabilities that could lead to denial of service and code execution. Videolabs is a company founded by VideoLAN memb
Vulnerability Spotlight: Denial-of-service vulnerability in GStreamer
Peter Wang of Cisco ASIG discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered a denial-of-service vulnerability in GStreamer, a pipeline-based multimedia framework. GStreamer contains gst-rtsp-server, an open-source library that allows the user to