Cisco Talos Blog

May 20, 2021 13:41

Vulnerability Spotlight: Heap-based buffer overflow in Google Chrome could lead to code execution

Marcin “Icewall” Noga of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered an exploitable heap-based buffer overflow vulnerability in Google Chrome. Google Chrome is a cross-platform web browser — and Chromium is the open-source ver

May 19, 2021 14:54

Vulnerability Spotlight: Information disclosure vulnerability in macOS SMB server

Aleksandar Nikolic of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered an exploitable integer overflow vulnerability in Apple macOS’ SMB server that could lead to information disclosure. Server Message Block (SMB) is a network file

May 13, 2021 08:08

Transparent Tribe APT expands its Windows malware arsenal

Transparent Tribe, also known as APT36 and Mythic Leopard, continues to create fake domains mimicking legitimate military and defense organizations as a core component of their operations. Cisco Talos’ previous research has mainly linked this group to CrimsonRAT, but new campaign

May 11, 2021 14:32

Microsoft Patch Tuesday for May 2021 — Snort rules and prominent vulnerabilities

By Jon Munshaw, with contributions from Chris Neal. Microsoft released its monthly security update Tuesday, disclosing 55 vulnerabilities across its suite of products, the fewest in any month since January 2020. There are only three critical vulnerabilities patched in this mont

May 11, 2021 14:30

Vulnerability Spotlight: Code execution vulnerability in Adobe Acrobat Reader

Aleksandar Nikolic of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered an arbitrary code execution vulnerability in Adobe Acrobat Reader. Adobe Acrobat Reader is one of the most popular and feature-rich PDF readers on the market. T

May 7, 2021 15:50

Lemon Duck spreads its wings: Actors target Microsoft Exchange servers, incorporate new TTPs

By Caitlin Huey and Andrew Windsor with contributions from Edmund Brumaghin.

* Lemon Duck continues to refine and improve upon their tactics, techniques and procedures as they attempt to maximize the effectiveness of their campaigns.
* Lemon Duck remains relevant as the operat

April 27, 2021 10:17

Vulnerability Spotlight: Information disclosure vulnerability in the Linux Kernel

Lilith >_> and Claudio Bozzato of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered an information disclosure vulnerability in the Linux Kernel. The Linux Kernel is the free and open-source core of Unix-like operating systems.

April 21, 2021 13:00

Vulnerability Spotlight: Code execution vulnerabilities in PrusaSlicer

Lilith >_> of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered two out-of-bounds write vulnerabilities in Prusa Research’s PrusaSlicer. PrusaSlicer is an open-source 3-D printer slicing program forked from Slic3r that can c

April 21, 2021 07:59

A year of Fajan evolution and Bloomberg themed campaigns

By Vanja Svajcer.

News summary

* Some malware campaigns are designed to spread malware to as many people as possible, while others carefully choose their targets. Cisco Talos recently discovered a malware campaign that fits neither of these two categories. This ac