Vulnerability Spotlight: WiFi-connected security camera could be manipulated to spy on communications, among other malicious actions
Francesco Benvenuto of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered several vulnerabilities in the Reolink RLC-410W security camera that could allow an attacker to perform several malicious actions, including performing man-in-the-middle attacks,
Vulnerability Spotlight: Vulnerability in Apple iOS, iPad OS and MacOS could lead to disclosure of sensitive memory data
Jaewon Min of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered an out-of-bounds read vulnerability in Apple’s macOS and iOS operating systems that could lead to the disclosure of sensitive memory content. An attacker could capitalize on that informat
Vulnerability Spotlight: Two vulnerabilities in Adobe Acrobat DC could lead to arbitrary code execution
Aleksandar Nikolic of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered two vulnerabilities in Adobe Acrobat Reader DC that could allow an attacker to eventually gain the ability to execute arbitrary code. Acrobat is one of the m
Vulnerability Spotlight: Heap buffer overflow condition in Google Chrome could lead to code execution
Marcin Towalski of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered an exploitable heap-based buffer overflow vulnerability in Google Chrome. Google Chrome is a cross-platform web browser — and Chromium is the open-source version of the browser that ot
Vulnerability Spotlight: Buffer overflow vulnerability in AnyCubic Chitubox plugin
Carl Hurd of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered an exploitable heap-based buffer overflow vulnerability in the Chitubox AnyCubic plugin. Chitubox is 3-D printing software for users to download and process models and send them to a 3-D pri
Vulnerability Spotlight: Vulnerabilities in metal detector peripheral could allow attackers to manipulate security devices
Matt Wiseman of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered multiple vulnerabilities in a device from Garrett Metal Detectors that could allow remote attackers to bypass authentication requirements, manipulate metal detector configurations, and
Vulnerability Spotlight: Vulnerabilities in DaVinci Resolve video editing software could lead to code execution
Cisco Talos recently discovered two vulnerabilities in the DaVinci Resolve video editing software that could allow an adversary to execute code in the context of the application. DaVinci Resolve is a non-linear video editing application from Blackmagic Software that is available
Vulnerability Spotlight: Use-after-free condition in Google Chrome could lead to code execution
Marcin Towalski of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered an exploitable use-after-free vulnerability in Google Chrome. Google Chrome is a cross-platform web browser — and Chromium is the open-source version of the browser that other software
A review of Azure Sphere vulnerabilities: Unsigned code execs, kernel bugs, escalation chains and firmware downgrades
Summary of all the vulnerabilities reported by Cisco Talos in Microsoft Azure Sphere By Claudio Bozzato and Lilith [>_>]. In May 2020, Microsoft kicked off the Azure Sphere Security Research Challenge, a three-month initiative aimed at finding bugs in Azure Sphere. In