Vulnerability Spotlight: Denial-of-service in VMWare Fusion 11
Piotr Bania of Cisco Talos discovered this vulnerability. Executive summary VMware Fusion 11 contains an exploitable denial-of-service vulnerability. VMWare Fusion is an application for Mac operating systems that allows users to run other OSs in a virtual environment, such as W
Threat Source newsletter (Oct. 24, 2019)
Newsletter compiled by Jon Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. Never assume that a malware family is really dead. We’ve done it time and time again with things like Emotet, and Gu
Vulnerability Spotlight: Multiple vulnerabilities in YouPHPTube
Yuri Kramarz of Security Advisory EMEAR discovered these vulnerabilities. YouPHPTube contains multiple vulnerabilities that could allow an attacker to carry out a variety of malicious activities. Specially crafted, attacker-created web requests can allow an attacker to inject SQ
Threat Source newsletter (Oct. 17, 2019)
Newsletter compiled by Jon Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. It’s rare that iOS jailbreaks make it onto the scene. Apple is usually able to patch them out quickly. But a recent
Vulnerability Spotlight: Another fix for Adobe Acrobat Reader DC text field value remote code execution
Aleksandar Nikolic of Cisco Talos discovered this vulnerability. Cisco Talos once again would like to bring attention to a remote code execution vulnerability in Adobe Acrobat Reader. Acrobat, which is one of the most popular PDF readers on the market, contains a bug when the s
Threat Source newsletter (Oct. 10, 2019)
Newsletter compiled by Jon Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. It’s that time again to update all your Microsoft products. The company released its monthly update Tuesday, disclos
Talos takes home top research honors at Virus Bulletin conference
By Jon Munshaw Researchers from Cisco Talos brought up the top award at this year’s Virus Bulletin conference. Talos received the Péter Ször Award — named for the prolific security researcher who was a longtime contributor to Virus Bulletin and passed away in 2013 — for our res
Vulnerability Spotlight: Multiple remote code execution bugs in NitroPDF
Cory Duplantis and Aleksandar Nikolic of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered multiple remote code execution vulnerabilities in NitroPDF. Nitro PDF allows users to save, read, sign and edit PDF files on their machines. There are two versi
Vulnerability spotlight: Multiple vulnerabilities in Schneider Electric Modicon M580
Jared Rittle and Patrick DeSantis of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. There are several vulnerabilities in the Schneider Electric Modicon M580 that could lead to a variety of conditions, the majority of which can cause a denial of service. The Mo