Threat Roundup for October 8 to October 15
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Oct. 8 and Oct. 15. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting ke
Vulnerability Spotlight: Code execution vulnerabilities in Nitro Pro PDF
A Cisco Talos team member discovered these vulnerabilities. Cisco Talos recently discovered multiple vulnerabilities in the Nitro Pro PDF reader that could allow an attacker to execute code in the context of the application. Nitro Pro PDF is part of Nitro Software’s Productivit
Vulnerability Spotlight: Use-after-free vulnerability in Microsoft Excel could lead to code execution
Marcin “Icewall” Noga of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered a use-after-free vulnerability in the ConditionalFormatting functionality of Microsoft Office Excel 2019 that could allow an attacker to execute arbitrary code on the victim machi
Microsoft Patch Tuesday for Oct. 2021 — Snort rules and prominent vulnerabilities
By Jon Munshaw, with contributions from Asheer Malhotra. Microsoft released its monthly security update Tuesday, disclosing 78 vulnerabilities in the company’s various software, hardware and firmware offerings. This month’s release is particularly notable because there are only
Vulnerability Spotlight: Vulnerabilities in Anker Eufy Homebase could lead to code execution, buffer overflows
Update (Nov. 29, 2021): Anker patched five other vulnerabilities in this product affecting the same version as originally listed in this blog. These have been added to the post. Lilith >_> of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered two
A wolf in sheep's clothing: Actors spread malware by leveraging trust in Amnesty International and fear of Pegasus
By Vitor Ventura and Arnaud Zobec. Threat actors are impersonating the group Amnesty International and promising to protect against the Pegasus spyware as part of a scheme to deliver malware. Amnesty International recently made international headlines when it released a groundb
Vulnerability Spotlight: Information disclosure vulnerability in D-LINK DIR-3040 mesh router
Dave McDaniel of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered an exploitable information disclosure vulnerability in the D-LINK DIR-3040 smart WiFi mesh router that could allow an adversary to eventually turn off the device or remove other connected
Operation “Armor Piercer:” Targeted attacks in the Indian subcontinent using commercial RATs
By Asheer Malhotra, Vanja Svajcer and Justin Thattil. * Cisco Talos is tracking a campaign targeting government personnel in India using themes and tactics similar to APT36 (aka Mythic Leopard and Transparent Tribe). * This campaign distributes malicious documents and archive
Microsoft Patch Tuesday for Sept. 2021 — Snort rules and prominent vulnerabilities
By Jon Munshaw, with contributions from Holger Unterbrink. Microsoft released its monthly security update Tuesday, disclosing 85 vulnerabilities across the company’s firmware and software. This month’s release is headlined by an official patch for the critical remote code execut