Cisco Talos Blog

April 5, 2018 09:55

Critical Infrastructure at Risk: Advanced Actors Target Smart Install Client

Update: 4/9 Cisco PSIRT has released additional guidance available here. Cisco has recently become aware of specific advanced actors targeting Cisco switches by leveraging a protocol misuse issue in the Cisco Smart Install Client. Several incidents in multiple countries, includi

By Nick Biasini
Threat Advisory
March 13, 2018 17:38

Microsoft Patch Tuesday - March 2018

Microsoft Patch Tuesday - March 2018 Today, Microsoft has released its monthly set of security advisories for vulnerabilities that have been identified and addressed in various products. This month's advisory release addresses 74 new vulnerabilities, with 14 of them rated cri

By Nick Biasini
Patch Tuesday
January 17, 2018 12:46

Vulnerability Spotlight: Tinysvcmdns Multi-label DNS DoS Vulnerability

Overview Talos is disclosing a single NULL pointer dereference vulnerability in the tinysvcmdns library. Tinysvcmdns is a tiny MDNS responder implementation for publishing services. This is essentially a mini and embedded version of Avahi or Bonjour. Details Discovered by Cla

By Nick Biasini
Vulnerability Spotlight
December 19, 2017 14:00

Vulnerability Spotlight: VMWare VNC Vulnerabilities

UPDATE 03/15/2018: Added details for Talos-2017-0376/CVE-2018-6957 which has been recently patched. Today, Talos is disclosing a pair of vulnerabilities in the VNC implementation used in VMWare's products that could result in code execution. VMWare implements VNC for its rem

By Nick Biasini
Vulnerability Spotlight
November 15, 2017 10:36

Vulnerability Spotlight: Multiple Remote Code Execution Vulnerabilities Within libxls

Vulnerabilities discovered by Marcin Noga of Cisco Talos Talos is releasing seven new vulnerabilities discovered within the libxls library: TALOS-2017-0403, TALOS-2017-0404, TALOS-2017-0426, TALOS-2017-0460, TALOS-2017-0461, TALOS-2017-0462, and TALOS-2017-0463. These vulnerabil

By Nick Biasini
Vulnerability Spotlight
October 24, 2017 16:51

Threat Spotlight: Follow the Bad Rabbit

Note: This blog post discusses active research by Talos into a new threat. This information should be considered preliminary and will be updated as research continues. Update 2017-10-26 16:10 EDT: added additional information regarding the links between Nyetya and BadRabbit Upd

By Nick Biasini
ransomware
September 7, 2017 18:42

Another Apache Struts Vulnerability Under Active Exploitation

This post authored by Nick Biasini with contributions from Alex Chiu. Earlier this week, a critical vulnerability in Apache Struts was publicly disclosed in a security advisory. This new vulnerability, identified as CVE-2017-9805, manifests due to the way the REST plugin uses XS

By Nick Biasini
August 28, 2017 11:30

Vulnerability Spotlight: Lexmark Perceptive Document Filters Code Execution Bugs

Overview Talos is disclosing a pair of code execution vulnerabilities in Lexmark Perceptive Document Filters. Perceptive Document Filters are a series of libraries that are used to parse massive amounts of different types of file formats for multiple purposes. Talos has previous

By Nick Biasini
Vulnerability Spotlight
August 8, 2017 12:15

Vulnerability Spotlight: Adobe Reader DC Parser Confusion

Parser vulnerabilities in common software packages such as Adobe Acrobat Reader pose a significant security risk to large portions of the internet. The fact that these software packages typically have a large footprints often gives attackers a broad attack surface they can potent

By Nick Biasini
Vulnerability Spotlight