Microsoft Patch Tuesday — Nov. 2019: Vulnerability disclosures and Snort coverage
By Jon Munshaw. Microsoft released its monthly security update today, disclosing a variety of vulnerabilities in several of its products. The latest Patch Tuesday discloses 75 vulnerabilities, 13 of which are considered "critical," with the rest being deemed "impo
Vulnerability Spotlight: Remote code execution vulnerability in Microsoft Media Foundation
Marcin Noga of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Microsoft Media Foundation’s framework contains a remote code execution vulnerability that exists due to a use-after-free condition. This specific bug lies in Media Foundation's MPEG4 DLL. An atta
Vulnerability Spotlight: Remote code execution vulnerability in Microsoft Excel
Marcin “Icewall” Noga of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered a remote code execution vulnerability in Microsoft Excel. Microsoft disclosed this bug as part of their monthly security update Tuesday. This vulnerability ex
New partnership brings together Talos’ visibility with IR’s unmatched response capabilities
By Jon Munshaw. The threat landscape has evolved into a complex, challenging environment for organizations everywhere. A talent shortage, combined with an increase in incidents, has led to a generally weak security posture among most organizations. Defenders’ backs are up agains
Threat Source newsletter (Nov. 7, 2019)
Newsletter compiled by Jon Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. The only news we’re going to cover this week is the biggest news we’ve had in a while. Tuesday, we announced that Ci
Vulnerability Spotlight: Code execution vulnerabilities in LEADTOOLS
Marcin Towalski and Cory Duplantis of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered multiple vulnerabilities in the LEADTOOLS line of imaging toolkits. LEADTOOLS is a collection of toolkits designed to perform a variety of functions aimed at integ
Talos, Cisco Incident Response team up to offer more protection than ever
By Sean Mason Over the years, I've had the honor and privilege to work within some of the greatest security teams on the planet, working alongside such passionate and talented people at Cisco makes delivering this announcement perhaps the greatest honor yet. The best securi
Vulnerability Spotlight: Two remote code execution vulnerabilities in Investintech Able2Extract
Piotr Bania of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered two remote code execution vulnerabilities in Investintech’s Able2Extract Professional. This software is a cross-platform PDF tool for Windows, Mac and Linux that conver
Threat Source newsletter (Oct. 31, 2019)
Newsletter compiled by Jon Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. We’re scared of stalkerware, and you should be, too. These spyware apps are becoming more popular among everyone fro