Cisco Talos Blog

July 15, 2010 17:11

Vulnerability Report - July 2010

Sourcefire VRT Vulnerability Report July 2010 from Sourcefire VRT on Vimeo.

By Nigel Houghton
July 13, 2010 17:32

Rule Release for Today, Tuesday July 13th, 2010

Microsoft Security Advisory MS10-042: Microsoft Help and Support Center contains a programming error that may  allow a remote attacker to bypass security restrictions on an affected system. The error occurs when invalid hex-encoded characters are used as a parameter to a search

By Nigel Houghton
July 8, 2010 11:14

Fundamentals of Exploit Development Class in VEGAS!

Need some more exploit fun? Want to stay in Vegas a little longer? Need some face time with the VRT? We are holding the fundamentals of exploit development class right after DefCon this year. August 2nd, 3rd and 4th in Las Vegas, NV. For more details and to book your place, take

By Nigel Houghton
July 1, 2010 16:51

Rule Release for Today, Thursday July 1st, 2010

Remote code execution in Adobe Acrobat and Reader. Some folks are claiming it's a denial of service, heh, right. RCE is possible, get your rules here: http://www.snort.org/vrt/advisories/2010/07/01/vrt-rules-2010-07-01.html/

By Nigel Houghton
June 29, 2010 16:46

Rule Release for Today, Tuesday June 29th, 2010

We added and modified multiple rules in the backdoor, dos, exploit, misc, multimedia, netbios, oracle, pop3, rpc, specific-threats, web-activex, web-client and web-misc rule sets . Information is here: http://www.snort.org/vrt/advisories/2010/06/29/vrt-rules-2010-06-29.html/

By Nigel Houghton
June 28, 2010 16:21

IMPORTANT Rule Download Change

Today the Snort Web Team made a change to the way that Snort rules are downloaded from snort.org. Hopefully this will result in faster downloads for most people. The changes are highlighted below: We are changing the way we publish rules. In June 2010 we stopped offering rules i

By Nigel Houghton
June 17, 2010 16:26

Rule Release for Today - June 17th, 2010

As a result of ongoing research, the Sourcefire VRT has added multiple rules in the dos, exploit, ftp, mysql, policy, rpc, specific-threats, spyware-put, web-activex, web-client, web-misc and web-php rule sets to provide coverage for emerging threats from these technologies. For

By Nigel Houghton
June 14, 2010 15:20

Rule Release for Today - June 14th, 2010

Apple Safari RCE (CVE-2010-1939), Google Chrome GLUG bypass (CVE-2010-1663). Details available here: http://www.snort.org/vrt/advisories/2010/06/14/vrt-rules-2010-06-14.html/

By Nigel Houghton
June 10, 2010 17:53

Rule Release for Today, June 10th, 2010

Microsoft Help and Support Center Bypass Vulnerability: Microsoft Help and Support Center contains a programming error that may allow a remote attacker to bypass security restrictions on an affected system. The error occurs when invalid hex-encoded characters are used as a param

By Nigel Houghton