Threat Roundup for June 28 to July 5
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between June 28 and July 5. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting ke
Beers with Talos Ep. #56 - Flatlined: Breach to Bankrupt
Beers with Talos (BWT) Podcast Ep. #56 is now available. Download this episode and subscribe to Beers with Talos: If iTunes and Google Play aren't your thing, click here. Recorded 6/24/19 - Back in the studio for EP 56 and off the top, Matt got some new audio toy for his sid
Threat Source newsletter (July 3, 2019)
Vulnerability Spotlight: Remote code execution vulnerabilities in Simple DirectMedia Layer
Marcin “Icewall” Noga of Cisco Talos discovered these vulnerabilities. Simple DirectMedia Layer contains two vulnerabilities that could allow an attacker to remotely execute code on the victim’s machine. Both bugs are present in the SDL2_image library, which is used for loading images
RATs and stealers rush through “Heaven’s Gate” with new loader
By Holger Unterbrink and Edmund Brumaghin. Executive summary Malware is constantly finding new ways to avoid detection. This doesn't mean that some will never be detected, but it does allow adversaries to increase the period of time between initial release and detection. F
Vulnerability Spotlight: Google V8 Array.prototype memory corruption vulnerability
The V8 JavaScript engine in Google Chrome contains a memory corruption vulnerability that could allow an attacker to gain the ability to execute arbitrary code on the victim’s machine. V8 is the core JavaScript engine that runs in the Chrome browser. As part of Chrome and node.js
Threat Roundup for June 21 to June 28
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between June 21 and June 28. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting k
Welcome Spelevo: New exploit kit full of old tricks
EXECUTIVE SUMMARY Exploit kits are an ever-present and often forgotten threat on the landscape today. Their popularity seemed to peak several years ago with the success and eventual downfall of some of the best compromise platforms ever created, including the Angler Exploit Kit.