Nibiru ransomware variant decryptor
Nikhil Hegde developed this tool. Weak encryption: The Nibiru ransomware is a .NET-based malware family. It traverses directories in the local disks, encrypts files with Rijndael-256 and gives them a .Nibiru extension. Rijndael-256 is a secure encryption algorithm. However, Ni
Threat Roundup for November 6 to November 13
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Nov. 6 and Nov. 13. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting ke
Vulnerability Spotlight: Multiple vulnerabilities in Pixar OpenUSD affects some versions of macOS
Aleksandar Nikolic of Cisco Talos discovered these vulnerabilities. Blog by Aleksandar Nikolic and Jon Munshaw. Pixar OpenUSD contains multiple vulnerabilities that attackers could exploit to carry out a variety of malicious actions. OpenUSD stands for “Open Universal Scene Des
Threat Source newsletter (Nov. 12, 2020)
Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. We’re back after a few-week hiatus! And to celebrate, we just dropped some new research on the CRAT trojan that’s bringing some ransomware friends along with it. This blog post has all the details of this threat
CRAT wants to plunder your endpoints
* Cisco Talos has observed a new version of a remote access trojan (RAT) family known as CRAT.
* Apart from the prebuilt RAT capabilities, the malware can download and deploy additional malicious plugins on the infected endpoint.
* One of the plugins is a ransomware known as &
Microsoft Patch Tuesday for Nov. 2020 — Snort rules and prominent vulnerabilities
By Jon Munshaw, with contributions from Joe Marshall. Microsoft released its monthly security update Tuesday, disclosing just over 110 vulnerabilities across its products. This is a slight jump from last month when Microsoft disclosed one of their lowest vulnerability totals in
Threat Roundup for October 30 to November 6
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Oct. 30 and Nov. 6. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting ke
Vulnerability Spotlight: Multiple JavaScript vulnerabilities in Adobe Acrobat Reader
Aleksandar Nikolic of Cisco Talos discovered these vulnerabilities. Blog by Joe Marshall. Cisco Talos recently discovered a heap buffer overflow and a use-after-free vulnerability in Adobe Acrobat Reader. Adobe Acrobat Reader is one of the most popular and feature-r
Cisco Talos Advisory on Adversaries Targeting the Healthcare and Public Health Sector
Background: Cisco Talos has become aware that an adversary is leveraging Trickbot banking trojan and Ryuk ransomware to target U.S. hospitals and healthcare providers at an increasing rate. Security journalists reported on October 28, 2020 that the adversary was preparing to encr