Cisco Talos Blog

June 29, 2016 11:30

Detecting DNS Data Exfiltration

This blog was co-authored by Martin Lee and Jaeson Schultz with contributions from Warren Mercer. The recent discovery of Wekby and Point of Sale malware using DNS requests as a command and control channel highlights the need to consider DNS as a potentially malicious channel. A

June 28, 2016 15:01

Vulnerability Spotlight: LibreOffice RTF Vulnerability

Vulnerability discovered by Aleksandar Nikolic of Cisco Talos. Talos is disclosing the presence of CVE-2016-4324 / TALOS-2016-0126, a Use After Free vulnerability within the RTF parser of LibreOffice. The vulnerability lies in the parsing of documents containing both stylesheet

April 27, 2016 10:07

Vulnerability Spotlight: Further NTPD Vulnerabilities

As a member of the Linux Foundation Core Infrastructure Initiative, Cisco is contributing to the CII effort by evaluating the Network Time Protocol daemon (ntpd) for security defects. We previously identified a series of vulnerabilities in the Network Time Protocol daemon; throug

March 31, 2016 10:54

Vulnerability Spotlight: Lhasa Integer Underflow Exploit

Vulnerability discovered by Marcin Noga of Cisco Talos. Talos is disclosing the discovery of vulnerability TALOS-2016-0095 / CVE-2016-2347 in the Lhasa LZH/LHA decompression tool and library. This vulnerability is due to an integer underflow condition. The software verifies that