Vulnerability Spotlight: Denial-of-service vulnerabilities in Allen-Bradley Flex I/O
Jared Rittle of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. The Allen-Bradley Flex input/output system contains multiple denial-of-service vulnerabilities in its ENIP request path data segment. These bugs exist specifically in the 1794-AENT FLEX I/O modula
Threat Roundup for October 2 to October 9
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Oct. 2 and Oct. 9. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key
Threat Source newsletter for Oct. 8, 2020
Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. We’ve been writing and talking about election security a ton lately. And as the U.S. presidential election draws closer, we decided it was time to summarize some things. So, we released this blog post with our f
Vulnerability Spotlight: DoS vulnerability in ATIKMDAG.SYS AMD graphics driver
Piotr Bania of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw.Cisco Talos recently discovered a denial-of-service vulnerability in the ATIKMDAG.SYS driver for some AMD graphics cards. An attacker could send the victim a specially crafted D3DKMTCreateAllocation API
What to expect when you’re electing: Voter recommendations
By Amy Henderson. Information operations have been around for millennia, yet with the advent of the internet and the democratization of content creation, the barriers to entry have lowered to a point that anyone can play now. In the course of our latest research on disinformati
90 days, 16 bugs, and an Azure Sphere Challenge
Cisco Talos reports 16 vulnerabilities in Microsoft Azure Sphere's sponsored research challenge. By Claudio Bozzato, Lilith [-_-]; and Dave McDaniel. On May 15, 2020, Microsoft kicked off the Azure Sphere Security Research Challenge, a three-month initiative aimed at fi
PoetRAT: Malware targeting public and private sector in Azerbaijan evolves
By Warren Mercer, Paul Rascagneres and Vitor Ventura. * The Azerbaijan public sector and other important organizations are still targeted by new versions of PoetRAT. * This actor leverages malicious Microsoft Word documents alleged to be from the Azerbaijan government. * The
Threat Roundup for September 25 to October 2
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Sept. 25 and Oct. 2. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting k
Beers with Talos Ep. #93: “More Secure” myths and misconceptions
Beers with Talos (BWT) Podcast episode No. 93 is now available. Download this episode and subscribe to Beers with Talos: If iTunes and Google Play aren't your thing, click here. By Mitch Neff. Recorded Sept. 11, 2020 On today’s show, we take several of the larger security