Vulnerability Spotlight: Code execution vulnerabilities in PrusaSlicer
Lilith >_> of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered two out-of-bounds write vulnerabilities in Prusa Research’s PrusaSlicer. Prusa Slicer is an open-source 3-D printer slicing program forked off Slic3r that can c
A year of Fajan evolution and Bloomberg themed campaigns
By Vanja Svajcer. News summary * Some malware campaigns are designed to spread malware to as many people as possible — while some others carefully choose their targets. Cisco Talos recently discovered a malware campaign that does not fit in any of the two categories. This ac
Vulnerability Spotlight: Multiple vulnerabilities in Synology DiskStation Manager
The vulnerabilities exist in various features inside the operating system, including AppArmor and QuickConnect.
Vulnerability Spotlight: Remote code execution vulnerabilities in Cosori smart air fryer
Dave McDaniel of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Update (April 27, 2021): Cosori has released an update for this product that fixes these two vulnerabilities. Cisco Talos recently discovered two code execution vulnerabilities in the Cosori smart
Threat Roundup for April 9 to April 16
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between April 9 and April 16. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting
Talos Takes Ep. #49: LodaRAT keeps growing....and growing
The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. Chris Neal from Talos Outreach has followed LodaRAT for years now. It’s gone from a fairly small threat to a full-on mal
Threat Source Newsletter (April 15, 2021)
Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. If you missed our webinar last week, we've got you covered. We've uploaded an extended version to our YouTube page that includes the scripts used in the presentation. This video will show you how to reve
Threat Advisory: NSA SVR Advisory Coverage
The U.S. National Security Agency released an advisory outlining several vulnerabilities that the Russian Foreign Intelligence Services (SVR) is exploiting in the wild. The U.S. formally attributed the recent SolarWinds supply chain attack to the SVR group in this advisory and de
Vulnerability Spotlight: Multiple remote code execution vulnerabilities in Microsoft Azure Sphere
Claudio Bozzato and Lilith >_> of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos researchers recently discovered multiple vulnerabilities in Microsoft’s Azure Sphere, a cloud-connected and custom SoC platform designed specifically with IoT a