Vulnerability Spotlight: Talos-2018-0694 - MKVToolNix mkvinfo read_one_element Code Execution Vulnerability
Piotr Bania, Cory Duplantis and Martin Zeiser of Cisco Talos discovered this vulnerability. Overview: Today, Cisco Talos is disclosing a vulnerability that we identified in the MKVToolNix mkvinfo utility, which parses Matroska video files (.mkv files). MKVToolNix
Beers with Talos EP40: BWT XL feat. SuperMicro, Giant Patches, and More Mobile Malware
Threat Roundup for October 12 to October 19
Today, as we do every week, Talos is giving you a glimpse into the most prevalent threats we’ve observed this week — covering the dates between Oct. 12 and 19. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, we will summarize the threats we’v
Beers with Talos EP 39: VB 2018 Rundown and Prevalent Problems with PDF
Tracking Tick Through Recent Campaigns Targeting East Asia
Summary: Since 2016, an advanced threat group that Cisco Talos is tracking has carried out cyberattacks against South Korea and Japan. This group is known by several different names: Tick, Redbaldknight and Bronze Butler. Although each campaign employed custom tools, Talos has o
Vulnerability Spotlight: Live Networks LIVE555 streaming media RTSPServer code execution vulnerability
These vulnerabilities were discovered by Lilith Wyatt of Cisco Talos. Cisco Talos is disclosing a code execution vulnerability that has been identified in Live Networks LIVE555 streaming media RTSPServer. LIVE555 Streaming Media is a set of open-source C++ libraries developed b
Vulnerability Spotlight: Linksys ESeries Multiple OS Command Injection Vulnerabilities
Cisco Talos is disclosing several vulnerabilities in the operating system on the Linksys E Series of routers. Multiple exploitable OS command injection vulnerabilities exist in the Linksys E Series line of routers. An attacker can exploit these bugs by sending an authenticated H
Old dog, new tricks - Analysing new RTF-based campaign distributing Agent Tesla, Loki with PyREbox
This blog post was authored by Edmund Brumaghin and Holger Unterbrink with contributions from Emmanuel Tacheau. Executive Summary: Cisco Talos has discovered a new malware campaign that drops the sophisticated information-stealing trojan called "Agent Tesla," and othe