Vulnerability Spotlight: Code execution vulnerability in Microsoft Media Foundation
Marcin Noga of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Microsoft Media Foundation’s framework contains a code execution vulnerability. This specific bug lies in Media Foundations’ MPEG4 DLL. An attacker could provide a user with a specially crafted ASF fi
Vulnerability Spotlight: Use-after-free vulnerability in Windows 10 win32kbase
Marcin Towalski of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos is releasing the details of a use-after-free vulnerability in Windows 10. An attacker could exploit this vulnerability to gain the ability to execute arbitrary code in the kernel conte
Vulnerability Spotlight: Information leak vulnerability in Adobe Acrobat Reader’s JavaScript function
Aleksandar Nikolic of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered an information leak vulnerability in Adobe Acrobat Reader. Acrobat supports a number of features, including the ability to process embedded JavaScript. An attack
Introducing Cisco Talos Incident Response: Stories from the Field
By Jon Munshaw. As another way of bringing our boots-on-the-ground intelligence to defenders, customers and users, we are introducing a new video series called "Cisco Talos Incident Response: Stories from the Field." In each entry, a CTIR team member will cover one
Vulnerability Spotlight: Accusoft ImageGear library code execution vulnerabilities
Emmanuel Tacheau of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered three code execution vulnerabilities in Accusoft ImageGear. The ImageGear library is a document-imaging developer toolkit to assist users with image conversion,
Threat Source newsletter (Feb. 6, 2020)
Newsletter compiled by Jon Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. There’s never been a better time to be into cyber security podcasts. Our Podcasts page on TalosIntelligence.com got
Quarterly Report: Incident Response trends in fall 2019
By David Liebenberg and Kendall McKay. While many Cisco Talos Incident Response (CTIR) engagements have shown similar patterns over the past two quarters, we’re seeing a dangerous trend emerge this winter. Threat actors are increasingly combining the exfiltration of sensitive da
Vulnerability Spotlight: Denial-of-service, information leak bugs in Mini-SNMPD
Aleksandar Nikolic of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Multiple vulnerabilities exist in Mini-SNMPD, a lightweight implementation of a Simple Network Management Protocol server. An attacker can exploit these bugs by providing a specially crafted
Talos Takes back with new episode, feed
Talos Takes, our new bite-size podcast, is back with its own feed and a new show. We first unveiled Talos Takes in early December, and took some time to develop a new Talos Podcasts page to accommodate Talos Takes and Beers with Talos. Now you have two Talos shows you can subscr