Vulnerability Spotlight: Multiple vulnerabilities in coTURN
Nicolas Edet of Cisco discovered these vulnerabilities. Executive summary Today, Cisco Talos is disclosing three vulnerabilities in coTURN. coTURN is an open-source implementation of TURN and STUN servers that can be used as a general-purpose networking traffic TURN server. TU
Vulnerability Spotlight: Python.org certificate parsing denial-of-service
Colin Read and Nicolas Edet of Cisco Talos discovered these vulnerabilities. Executive summary Python.org contains an exploitable denial-of-service vulnerability in its X509 certificate parser. A specially crafted X509 certificate can cause a NULL pointer dereference, resultin
Cisco Talos' new reputation dispute system
Pylocky Unlocked: Cisco Talos releases PyLocky ransomware decryptor
This tool was developed by Mike Bautista. PyLocky is a family of ransomware written in Python that attempts to masquerade as a Locky variant. This ransomware will encrypt all files on a victim machine before demanding that the user pay a ransom to gain access to their decrypted f
Why we want users' feedback on Snort rule documentation
Today, Talos is launching a new community survey to solicit feedback on SNORTⓇ documentation. When Snort alerts the end user, the rule documentation is their first and possibly only avenue to find information on malicious traffic in their network. We know this can be better, and
Microsoft Patch Tuesday — January 2019: Vulnerability disclosures and Snort coverage
Vulnerability Spotlight: Multiple Apple IntelHD5000 privilege escalation vulnerabilities
Submissions for talks at the 2019 Talos Threat Research Summit are now open
