Threat Source newsletter (Jan. 16, 2019)
Newsletter compiled by Jon Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. This wasn’t your average Patch Tuesday. Microsoft’s monthly security update was notable for a few reasons. For start
Beers with Talos Ep. #70: Semper Vigilantes - Strategic Defense in a Cyber Conflict
By Mitch Neff. Beers with Talos (BWT) Podcast episode No. 70 is now available. Download this episode and subscribe to Beers with Talos: If iTunes and Google Play aren't your thing, click here. Recorded Jan. 6, 2020 There is a looming cyber conflict on the horizon between t
Vulnerability Spotlight: Multiple remote code execution vulnerabilities in Foxit PDF Reader
Aleksandar Nikolic of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered four remote code execution vulnerabilities in Foxit PDF Reader. Foxit PDF Reader is a popular program for reading and editing PDFs. The software supports Jav
Stolen emails reflect Emotet's organic growth
By Jaeson Schultz Introduction Emotet has a penchant for stealing a victim's email, then impersonating that victim and sending copies of itself in reply. The malicious emails are delivered through a network of stolen outbound SMTP accounts. This relatively simple email-man-
Microsoft Patch Tuesday — Jan. 2020: Vulnerability disclosures and Snort coverage
By Jon Munshaw. Updated January 15th: Added an Advanced Custom Detection (ACD) signature for AMP that can be used to detect exploitation of CVE-2020-0601 by spoofing certificates masquerading as a Microsoft ECC Code Signing Certificate Authority. Microsoft released its monthly
New Snort rules protect against recently discovered Citrix vulnerability
By Edmund Brumaghin, with contributions from Dalton Schaadt. Executive Summary Recently, the details of a critical vulnerability affecting Citrix Application Delivery Controller and Citrix Gateway servers were publicly disclosed. This vulnerability is currently being tracked us
Threat Roundup for January 3 to January 10
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Jan. 3 and Jan. 10. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting ke
Threat Source newsletter (Jan. 9, 2019)
Newsletter compiled by Jon Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. We’re back after a long break for the holidays. And 2020 is already off to a fast start as tensions continue to rise
Vulnerability Spotlight: Code execution vulnerability in E2fsprogs
Lilith [^_^] of Cisco Talos discovered this vulnerability. E2fsprogs contains an exploitable code execution vulnerability in its directory rehashing functionality. This set of programs is often considered essential software for many Linux and Unix machines and ships by default