Vulnerability Spotlight: Memory corruption vulnerability in Daemon Tools Pro
Piotr Bania of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered a memory corruption vulnerability in Disc Soft Ltd.'s Daemon Tools Pro. Daemon Tools Pro is a professional emulation software that works with disc images and virtual drives. It allows
Threat Roundup for August 6 to August 13
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Aug. 6 and Aug. 13. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting ke
Vulnerability Spotlight: Multiple integer overflow vulnerabilities in GPAC Project on Advanced Content
A Cisco Talos team member discovered these vulnerabilities. Cisco Talos recently discovered multiple integer overflow vulnerabilities in the GPAC Project on Advanced Content that could lead to memory corruption. The GPAC Project on Advanced Content is an open-source cross-platf
Talos Takes Ep. #64: Back 2 Skool edition
The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. There's no shortage of complications leading into this new school year. Students, parents, teachers and admins alike
Vice Society leverages PrintNightmare in ransomware attacks
Executive Summary Another threat actor is actively exploiting the so-called PrintNightmarevulnerability (CVE-2021-1675 / CVE-2021-34527) in Windows' print spooler service to spread laterally across a victim's network as part of a recent ransomware attack, according to Ci
Threat Source newsletter (Aug. 12, 2021)
Good afternoon, Talos readers. No, that's not Ratatouille. It's ServHelper, who is much more dangerous (albeit just as cute) as the cartoon chef. We have a new blog post out today detailing this RAT, run by the threat actor Group TA505, that is stealing credit card data
Signed MSI files, Raccoon and Amadey are used for installing ServHelper RAT
By Vanja Svajcer. News summary * Group TA505 has been active for at least seven years, making wide-ranging connections with other threat actors involved in ransomware, stealing credit card numbers and exfiltrating data. One of the common tools in TA505's arsenal is ServH
Talos Incident Response quarterly threat report — The top malware families and TTPs used in Q2 2021
By David Liebenberg and Caitlin Huey. Last quarter, ransomware was not the most dominant threat for the first time since we began compiling these reports. We theorized that this was due to a huge uptick in Microsoft Exchange exploitation, which temporarily became a primary focus
Microsoft Patch Tuesday for August 2021 — Snort rules and prominent vulnerabilities
By Jon Munshaw, with contributions from Martin Lee. Microsoft released its monthly security update Tuesday, disclosing 44 vulnerabilities in the company’s firmware and software. This is the fewest amount of vulnerabilities Microsoft has patched in a month in more than two years.