Vulnerability Spotlight: Hangul Word Processor Remote Code Execution Vulnerability
Vulnerability discovered by a member of Talos. Overview: Published by Hancom Inc., the Hangul Office Suite, of which Hangul Word Processor is part, is the leading word processing and office productivity suite in South Korea. This vulnerability allows attackers to craft a malicio
Vulnerability Spotlight: Code Execution Vulnerability in LabVIEW
Vulnerability discovered by Cory Duplantis of Cisco Talos. Overview: LabVIEW is a system design and development platform released by National Instruments. The software is widely used to create applications for data acquisition, instrument control and industrial automation. Talo
Microsoft Patch Tuesday - March 2017
Following a sparse February patch Tuesday, today’s March release brings a bumper crop of fixed vulnerabilities: 17 bulletins covering 140 different vulnerabilities, 47 of which are rated as critical. The critical vulnerabilities affect Internet Explorer, Edge, Hyper-V, Windows PD
Vulnerability Spotlight: Windows 10 Remote Denial of Service
Vulnerability discovered by Piotr Bania of Cisco Talos. Overview: Talos is releasing an advisory for a remote denial of service attack vulnerability in Microsoft Windows 10 AHCACHE.SYS (TALOS-2016-0191 / CVE-2016-3369). An attacker can craft a malicious portable executable fi
Vulnerability Spotlight: Kaspersky Unhandled Windows Messages Denial of Service Vulnerability
Vulnerability discovered by Marcin ‘Icewall’ Noga of Cisco Talos. Overview: Talos is disclosing the presence of TALOS-2016-0175 / CVE-2016-4329, a local denial of service vulnerability within Kaspersky anti-virus. A system user is able to cause a denial of service attack agains
Vulnerability Spotlight: Multiple Remote Code Execution Vulnerabilities Within Lexmark Perceptive Document Filters.
Vulnerabilities discovered by Tyler Bohan & Marcin Noga of Cisco Talos. Talos are today releasing three new vulnerabilities discovered within the Lexmark Perceptive Document Filters library. TALOS-2016-0172, TALOS-2016-0173 and TALOS-2016-0183 allow for a remote code executio
Macro Intruders: Sneaking Past Office Defenses
This blog was written by Matthew Molyett with contributions from Martin Lee. Introduction: Macros have been used since the mid 1990s to spread malware and infect systems. Increased user awareness of the need to disable the macro function within Microsoft Word during the late 90
Detecting DNS Data Exfiltration
This blog was co-authored by Martin Lee and Jaeson Schultz with contributions from Warren Mercer. The recent discovery of Wekby and Point of Sale malware using DNS requests as a command and control channel highlights the need to consider DNS as a potentially malicious channel. A