Cisco Talos Blog

October 15, 2021 17:08

Threat Roundup for October 8 to October 15

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Oct. 8 and Oct. 15. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting ke

October 14, 2021 13:17

Vulnerability Spotlight: Code execution vulnerabilities in Nitro Pro PDF

A Cisco Talos team member discovered these vulnerabilities. Cisco Talos recently discovered multiple vulnerabilities in the Nitro Pro PDF reader that could allow an attacker to execute code in the context of the application. Nitro Pro PDF is part of Nitro Software’s Productivit

October 12, 2021 15:43

Vulnerability Spotlight: Use-after-free vulnerability in Microsoft Excel could lead to code execution

Marcin “Icewall” Noga of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered a use-after-free vulnerability in the ConditionalFormatting functionality of Microsoft Office Excel 2019 that could allow an attacker to execute arbitrary code on the victim machi

October 12, 2021 13:33

Microsoft Patch Tuesday for Oct. 2021 — Snort rules and prominent vulnerabilities

By Jon Munshaw, with contributions from Asheer Malhotra. Microsoft released its monthly security update Tuesday, disclosing 78 vulnerabilities in the company’s various software, hardware and firmware offerings. This month’s release is particularly notable because there are only

October 12, 2021 10:48

Vulnerability Spotlight: Vulnerabilities in Anker Eufy Homebase could lead to code execution, buffer overflows

UUpdate (Nov. 29, 2021): Anker patched five other vulnerabilities in this product affecting the same version as originally listed in this blog. These have been added to the post. Lilith >_> of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered two

September 30, 2021 08:01

A wolf in sheep's clothing: Actors spread malware by leveraging trust in Amnesty International and fear of Pegasus

By Vitor Ventura and Arnaud Zobec. Threat actors are impersonating the group Amnesty International and promising to protect against the Pegasus spyware as part of a scheme to deliver malware. Amnesty International recently made international headlines when it released a groundb

September 23, 2021 11:00

Vulnerability Spotlight: Information disclosure vulnerability in D-LINK DIR-3040 mesh router

Dave McDaniel of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered an exploitable information disclosure vulnerability in the D-LINK DIR-3040 smart WiFi mesh router that could allow an adversary to eventually turn off the device or remove other connected

September 23, 2021 08:01

Operation “Armor Piercer:” Targeted attacks in the Indian subcontinent using commercial RATs

By Asheer Malhotra, Vanja Svajcer and Justin Thattil. * Cisco Talos is tracking a campaign targeting government personnel in India using themes and tactics similar to APT36 (aka Mythic Leopard and Transparent Tribe). * This campaign distributes malicious documents and archive

September 14, 2021 13:33

Microsoft Patch Tuesday for Sept. 2021 — Snort rules and prominent vulnerabilities

By Jon Munshaw, with contributions from Holger Unterbrink. Microsoft released its monthly security update Tuesday, disclosing 85 vulnerabilities across the company’s firmware and software. This month’s release is headlined by an official patch for the critical remote code execut