New Talos Takes podcast puts Talos' spin on the latest cyber news
Today, Cisco Talos' podcast network is growing with a new show. Talos Takes is a new podcast that provides Talos analysts' and researchers' opinions and expertise on the hottest topics in cyber security. The first three episodes of the show — covering holiday shoppin
Vulnerability Spotlight: Multiple vulnerabilities in WAGO PFC200
Kelly Leuschner of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. The WAGO PFC200 and PFC100 controllers contain multiple exploitable vulnerabilities. The PFC200 is one of WAGO’s programmable automation controllers that are used in many industries including a
Threat Source newsletter (Dec. 12, 2019)
Newsletter compiled by Jon Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. We’re entering our Year in Review period. Now’s the time to look back on the top stories from 2019 and think about w
Vulnerability Spotlight: Apple Safari SVG marker element baseVal remote code execution vulnerability
Marcin Towalski of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Apple’s Safari web browser is open to a remote code execution vulnerability via its SVG marker element feature inside the Safari WebKit. Safari uses the WebCore DOM rendering system in WebKit. Ren
Vulnerability Spotlight: Kakadu Software SDK ATK marker code execution vulnerability
Aleksandar Nikolic and Emmanuel Tacheau of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Kakadu Software’s SDK contains an exploitable heap overflow. Kakadu serves as a framework for developers to create a variety of commercial and non-commercial applications.
Vulnerability Spotlight: Denial-of-service vulnerabilities in Linux kernel, W1.fi
Mitchell Frank and Mark Leonard of Cisco discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered two denial-of-service vulnerabilities in the open-source program W1.fi. Both of these vulnerabilities target hostapd. One could allow an attacker to fo
Vulnerability Spotlight: Information leak vulnerability in Adobe Acrobat Reader
Aleksandar Nikolic of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered an information leak vulnerability in Adobe Acrobat Reader DC. An attacker could exploit this vulnerability by tricking the victim into opening a specially crafted
Vulnerability Spotlight: Two vulnerabilities in RDP for Windows 7, XP
A Cisco Talos researcher discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered two issues in two implementations of Microsoft Remote Desktop Services: a denial-of-service vulnerability that affects Windows 7/Windows Server 2008 (when RDP 8.0 is enab
Microsoft Patch Tuesday — Dec. 2019: Vulnerability disclosures and Snort coverage
By Jon Munshaw. Microsoft released its monthly security update today, disclosing vulnerabilities across many of its products and releasing corresponding updates. This month's Patch Tuesday covers 25 vulnerabilities, two of which are considered critical. This month’s securit