This Holiday Season - Buy One IoT Device, Get Free CVEs
As the Internet of Things gains steam and continues to develop, so are adversaries and the threats affecting these systems. Companies throughout the world are busy deploying low cost Internet-connected computing devices (aka the Internet of Things) to solve business problems and
Vulnerability Spotlight: YAML Parsing Remote Code Execution Vulnerabilities in Ansible Vault and Tablib
Vulnerabilities discovered by Cory Duplantis of Talos. Talos is disclosing the presence of remote code execution vulnerabilities in the processing of Yet Another Markup Language (YAML) content in Ansible Vault and Tablib. Attackers can exploit these vulnerabilities through suppl
Vulnerability Spotlight: Code Execution Vulnerability in LabVIEW
Vulnerability discovered by Cory Duplantis of Cisco Talos. Update: 9/1/17 - National Instruments has published the following advisory Overview LabVIEW is a system design and development platform released by National Instruments. The software is widely used to create applicatio
Vulnerability Spotlight: FreeRDP Multiple Vulnerabilities
Vulnerabilities discovered by Tyler Bohan of Talos Overview Talos has discovered multiple vulnerabilities in the FreeRDP product. FreeRDP is a free implementation of the Remote Desktop Protocol (RDP) originally developed by Microsoft. RDP allows users to connect remotely to s
Vulnerability Spotlight: Dell Precision Optimizer and Invincea Vulnerabilities
Vulnerabilities discovered by Marcin ‘Icewall’ Noga of Cisco Talos. Overview Talos are releasing advisories for vulnerabilities in the Dell Precision Optimizer application service software, Invincea-X and Invincea Dell Protected Workspace. These packages are pre-installed on ce
The Internet of Vulnerable Things
Introduction Technological progress is resulting in computing systems that are smaller, cheaper and consuming less power. These micro-computing systems are able to be integrated into everyday objects; when coupled with ubiquitous wireless connectivity these devices form the “Inte
Vulnerability Spotlight: Hangul Word Processor Remote Code Execution Vulnerability
Vulnerability discovered by a member of Talos. Overview Published by Hancom inc. the Hangul Office Suite, of which Hangul Word Processor is part, is the leading word processing and office productivity suite in South Korea. This vulnerability allows attackers to craft a malicio
Vulnerability Spotlight: Code Execution Vulnerability in LabVIEW
Vulnerability discovered by Cory Duplantis of Cisco Talos. Overview LabVIEW is a system design and development platform released by National Instruments. The software is widely used to create applications for data acquisition, instrument control and industrial automation. Talo
Microsoft Patch Tuesday - March 2017
Following a sparse February patch Tuesday, today’s March release brings a bumper crop of fixed vulnerabilities: 17 bulletins covering 140 different vulnerabilities, 47 of which are rated as critical. The critical vulnerabilities affect Internet Explorer, Edge, Hyper-V, Windows PD