Vulnerability Spotlight: BlueStacks App Player Privilege Escalation
Discovered by Marcin ‘Icewall’ Noga of Cisco Talos. Talos is releasing an advisory for a vulnerability in BlueStacks App Player (TALOS-2016-0124/CVE-2016-4288). The BlueStacks App Player is designed to enable Android applications to run on Windows PCs and Macintosh computers. It
Vulnerability Spotlight: OpenOffice Impress MetaActions Arbitrary Read Write Vulnerability
This vulnerability was discovered by Richard Johnson and Yves Younan of Cisco Talos. Talos is releasing an advisory for a vulnerability in OpenOffice Impress (TALOS-2016-0051/CVE-2016-1513). Talos has discovered an exploitable out-of-bounds vulnerability which exists in OpenOff
Vulnerability Spotlight: Symantec Norton Security IDSvix86 PE Remote System Denial of Service
Vulnerability discovered by Piotr Bania of Cisco Talos. Talos is disclosing the presence of a denial of service vulnerability (CVE-2016-5308 / TALOS-2016-0182) in the Portable Executable file scanning functionality of Symantec Norton Security. A specially crafted PE file can cau
Ransomware: Past, Present, and Future
"What's past is prologue." -- William Shakespeare, The Tempest. Introduction: The rise of ransomware over the past year is an ever-growing problem. Businesses often believe that paying the ransom is the most cost-effective way of getting their data back - and this
Vulnerability Deep Dive: Exploiting the Apple Graphics Driver and Bypassing KASLR
Cisco Talos vulnerability researcher Piotr Bania recently discovered a vulnerability in the Apple Intel HD 3000 Graphics driver, which we blogged about here. In this post we are going to take a deeper dive into this research and look into the details of the vulnerability as well
Vulnerability Spotlight: Apple OS X Graphics Kernel Driver Local Privilege Escalation Vulnerability
Vulnerability discovered by Piotr Bania of Cisco Talos. Cisco Talos, in conjunction with Apple’s security advisory issued on Mar 22, is disclosing the discovery of a local vulnerability in the communication functionality of the Apple Intel HD3000 Graphics kernel driver. This vul
Rigging compromise - RIG Exploit Kit
This post was authored by Nick Biasini with contributions by Joel Esler. Exploit kits are one of the biggest threats affecting users, both inside and outside the enterprise, as they indiscriminately compromise users who simply visit a web site, delivering a malicious payload. One
Vulnerability Spotlight: Apple Quicktime Corrupt stbl Atom Remote Code Execution
This post was authored by Rich Johnson, William Largent, and Ryan Pentney. Earl Carter contributed to this post. Cisco Talos, in conjunction with Apple’s security advisory issued on June 30th, is disclosing the discovery of a remote code execution vulnerability within Apple Qui