Vulnerability Spotlight: Use-after-free vulnerability in WebKit
Marcin Towalski of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. The WebKit browser engine contains a use-after-free vulnerability in its GraphicsContext function. A malicious web page code could trigger a use-after-free error, which could lead to a potentia
Vulnerability Spotlight: A deep dive into macOS SMB server
By Aleksandar Nikolich. Executive summary Cisco Talos recently discovered multiple vulnerabilities in macOS’s implementation of SMB server. An adversary could exploit these vulnerabilities to carry out a variety of malicious actions, including revealing sensitive information o
Vulnerability Spotlight: Multiple vulnerabilities in Accusoft ImageGear
Emmanuel Tacheau of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered multiple vulnerabilities in Accusoft ImageGear. The ImageGear library is a document-imaging developer toolkit that allows users to create, edit, annotate and c
Threat Roundup for May 21 to May 28
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between May 21 and May 28. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key
Talos Takes Ep. #55: How Transparent Tribe could evolve in the future
The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. We recently covered how the Transparent Tribe APT added another RAT to its arsenal. Where might they go from here? In th
Threat Source newsletter (May 27, 2021)
Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. We're used to referring to attackers as either APTs or not APTs. And when something is an APT, it sounds a lot scarier and sexier. But it's our belief that that isn't going to cut it anymore. Theref
Elizabethan England has nothing on modern-day Russia
This post was authored by Warren Mercer and Vitor Ventura The threat landscape is changing. Organizations need to defend against an ever-evolving tranche of threat actors. For a long time, the lines that distinguish state-sponsored and crimeware groups were well-defined. We beli
Vulnerability Spotlight: Multiple vulnerabilities in Trend Micro Home Network Security Station
Carl Hurd and Kelly Leuschner of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered multiple vulnerabilities in Trend Micro’s Home Network Security Station. The Home Network Security Station is a device that monitors and protects hom
Threat Roundup for May 14 to May 21
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between May 14 and May 21. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key