Blog
Recent
June 16, 2021 15:51

Vulnerability Spotlight: EIP Stack Group OpENer information disclosure vulnerability

Martin Zeiser of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered an exploitable information disclosure vulnerability in EIP Stack Group OpENer’s Ethernet/IP UDP handler. OpENer is an Ethernet/IP stack for I/O adapter devices that

June 15, 2021 08:00

What’s past is prologue – A new world of critical infrastructure security

By Caitlin Huey, Joe Marshall and Thomas Pope. Attackers have targeted American critical infrastructure several times over the past few years, putting at risk U.S. electrical grids, oil pipelines and water supply systems. However, we collectively have not responded in a meaningf

June 11, 2021 14:12

Threat Roundup for June 4 to June 11

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between June 4 and June 11. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting ke

June 11, 2021 09:16

Talos Takes Ep. #56: The first security steps you should take when you return to the office

The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. We started out the COVID-19 pandemic by thinking we'd be away from the office for a month — maybe two. More than 12

June 10, 2021 14:00

Threat Source newsletter (June 10, 2021)

Good afternoon, Talos readers. We seriously can't escape from ransomware. It's in the headlines constantly and has now drawn the full attention of the federal government. But we at Talos recognize that it is going to take far more than just words to address this global thre

June 10, 2021 08:00

Quarterly Report: Incident Response trends from Spring 2021

By David Liebenberg and Caitlin Huey. While the security community made a great effort to warn users of the exploitation of several Microsoft Exchange Server zero-day vulnerabilities, it was still the biggest threat Cisco Talos Incident Response (CTIR) saw this past quarter. The

June 8, 2021 16:13

Vulnerability Spotlight: Code execution vulnerability in Google Web Audio API

Piotr Bania of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered two use-after-free vulnerabilities in Google’s Web Audio API that an adversary could exploit to execute remote code on the victim machine. Web Audio API is a high-le

June 8, 2021 13:43

Microsoft Patch Tuesday for June 2021 — Snort rules and prominent vulnerabilities

By Jon Munshaw, with contributions from Edmund Brumaghin. Microsoft released its monthly security update Tuesday, disclosing 51 vulnerabilities across its suite of products, breaking last month’s 16-month record of the fewest vulnerabilities disclosed in a month by the company.

June 7, 2021 08:00

Intelligence-driven disruption of ransomware campaigns

By Neil Jenkins and Matthew Olney. Note: Our guest co-author, Neil Jenkins, is the Chief Analytic Officer at the Cyber Threat Alliance. He leads the CTA's analytic efforts, focusing on the development of threat profiles, adversary playbooks and other analysis using the threa