Vulnerability Spotlight: Two remote code execution vulnerabilities in Investintech Able2Extract
Piotr Bania of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered two remote code execution vulnerabilities in Investintech’s Able2Extract Professional. This software is a cross-platform PDF tool for Windows, Mac and Linux that conver
Threat Roundup for October 25 to November 1
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Oct. 25 and Nov. 1. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting ke
Threat Source newsletter (Oct. 31, 2019)
Newsletter compiled by Jon Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. We’re scared of stalkerware, and you should be, too. These spyware apps are becoming more popular among everyone fro
CISO Advisory: Security Architecture
This is the second paper within the series of CISO Advisories, in this case addressing Security Architecture which articulates risks and ensures security standards are met within an organization. Download the paper here. Access the series introduction and index here.
The commoditization of mobile espionage software
By Matthew Valites with contributions by Joanne Kim and Edmund Brumaghin. Executive summary Mobile stalkerware has all sorts of wide-ranging consequences. The creators of these types of apps can track user's locations, see their social media usage and more. And they certai
Vulnerability Spotlight: Denial-of-service in VMWare Fusion 11
Piotr Bania of Cisco Talos discovered this vulnerability. Executive summary VMware Fusion 11 contains an exploitable denial-of-service vulnerability. VMWare Fusion is an application for Mac operating systems that allows users to run other OSs in a virtual environment, such as W
Threat Roundup for October 18 to October 25
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Oct. 18 and Oct. 25. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting k
Beers with Talos Ep. #64: Your problem isn’t complex, it's simply complexity
By Mitch Neff Beers with Talos (BWT) Podcast episode No. 64 is now available. Download this episode and subscribe to Beers with Talos: If iTunes and Google Play aren't your thing, click here. Recorded Oct. 10, 2019 This episode lives up to its name, by trying to only take
Threat Source newsletter (Oct. 24, 2019)
Newsletter compiled by Jon Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. Never assume that a malware family is really dead. We’ve done it time and time again with things like Emotet, and Gu