Threat Roundup for October 23 to October 30
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Oct. 23 and Oct. 30. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting k
DoNot’s Firestarter abuses Google Firebase Cloud Messaging to spread
By Warren Mercer, Paul Rascagneres and Vitor Ventura.
* The newly discovered Firestarter malware uses Google Firebase Cloud Messaging to notify its authors of the final payload location.
* Even if the command and control (C2) is taken down, the DoNot team can still redirect t
Beers with Talos ep. #95: Election 2020 – Advice for voters and election officials
Beers with Talos (BWT) Podcast episode No. 95 is now available. By Mitch Neff. Recorded Oct. 9, 2020. We are running a short bench today after Nigel’s retiremen
Vulnerability Spotlight: Multiple vulnerabilities in Synology SRM (Synology Router Manager)
An adversary could use these vulnerabilities to carry out a range of malicious actions, including executing remote code on the device, the exposure of sensitive information regarding the victim’s network and communication with other devices connected to the same network.
Threat Roundup for October 16 to October 23
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Oct. 16 and Oct. 23. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting k
Vulnerability Spotlight: A deep dive into WAGO’s cloud connectivity and the vulnerabilities that arise
Report and research by Kelly Leuschner. WAGO makes several programmable automation controllers that are used in many industries including automotive, rail, power engineering, manufacturing and building management. Cisco Talos discovered 41 vulnerabilities in their PFC200 and PFC
What to expect when you’re electing: A recap
We’re roughly two weeks out from Election Day in America, although millions of early and mail-in votes have already been cast. In the coming days, there’s sure to be a flurry of news stories about disinformation, allegations of voter fraud, the back-and-forth between parties and
Vulnerability Spotlight: Code execution vulnerability in Google Chrome WebGL
Marcin Towalski of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. The Google Chrome web browser contains a vulnerability that could be exploited by an adversary to gain the ability to execute code on the victim machine. Chrome is one of the most popular web brow
Dynamic Data Resolver - Version 1.0.1 beta
By Holger Unterbrink. 12/17/20 Update: A new version of this software and associated blog can be found here. Cisco Talos is releasing a new beta version of Dynamic Data Resolver (DDR) today. This release comes with a new architecture for samples using multi-threading. The proce