Best practices for staying safe online during the holiday shopping season
By Jon Munshaw. This holiday shopping season, the basics of avoiding a malware infection boil down to: If it sounds too good to be true, it probably is. While sometimes retailers do give out small-dollar gift cards, that $500 discount on a new iPhone is probably not real. If i
Threat Source newsletter (Nov. 21, 2019)
Newsletter compiled by Jon Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. It’s nearly holiday shopping season, which means it’s prime scam season. On the latest Beers with Talos episode, we
Vulnerability Spotlight: Tenda AC9 /goform/WanParameterSetting command injection vulnerability
Amit Raut of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered a command injection vulnerability in the Tenda AC9 router. The Tenda AC9 is one of the most popular and affordable dual-band gigabit WiFi routers available online, especially on Amazon. A comm
Vulnerability Spotlight: Two remote code execution vulnerabilities in Xcftools
Claudio Bozzato of Cisco Talos discovered these vulnerabilities. Xcftools contains two remote code execution vulnerabilities in its flattenIncrementally function. Xcftools is a set of tools for handling Gimp’s XCF files. The software provides tools to extract information from a
Cryptominers, ransomware among top malware in IR engagements in Q4
By David Liebenberg and Kendall McKay. This summer’s most popular malware families were common and used in unsophisticated attacks, with phishing being the top infection vector, according to Cisco Talos Incident Response (CTIR) data. In addition to threat actors repeatedly deplo
How the new Talos IR Cyber Range can prepare your employees for a cyber attack
By Gerard Johansen, Charles Iszard and Luke DuCharme. With the surge of ransomware attacks, information leaks and other cyber attacks in the headlines, most companies and organizations are aware that their employees need to be trained on how to stay safe online. But the real cha
Threat Source newsletter (Nov. 14, 2019)
Newsletter compiled by Jon Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. It was all about the bugs this week. Patch Tuesday was especially busy for us, including our usual recap of all the
Vulnerability Spotlight: Command injection bug in Exhibitor UI
Logan Sanderson of Cisco ASIG discovered this vulnerability. Exhibitor Web UI contains an exploitable command injection vulnerability in its Config editor. Exhibitor is a ZooKeeper supervisory process. Exhibitor's Web UI does not have any form of authentication, and prior to
Vulnerability Spotlight: Denial-of-service vulnerability in Intel IGC64 graphics driver
Piotr Bania of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Intel’s IGC64.dll graphics driver contains a denial-of-service vulnerability. An attacker could exploit this bug by supplying a malformed pixel shader if the graphics driver is operating inside a VMwa