Threat Roundup for September 14 to September 21
Today, as we do every week, Talos is giving you a glimpse into the most prevalent threats we’ve observed this week — covering the dates between Sept. 14 and 21. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, we will summarize the threats we’
Cyber Threat Alliance Releases Cryptomining Whitepaper
This post is authored by Ashlee Benge. Despite the recent devaluation of some cryptocurrencies, illicit cryptocurrency miners remain a lucrative and widespread attack vector in the threat landscape. These miners are easy to deploy, and attackers see it as a quick way to steal ot
Beers with Talos EP 37: Snort 3 Beta Uses Multithreading. It’s Super Effective!
Threat Roundup for September 7 to September 14
Today, as we do every week, Talos is giving you a glimpse into the most prevalent threats we’ve observed this week — covering the dates between Sept. 7 and 14. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, we will summarize the threats we’v
SigAnalyzer: Signature analysis with CASC
Executive summary ClamAV Signature Creator (CASC) is an IDA Pro plugin that assists in the creation of ClamAV pattern signatures. We have enhanced this plugin to also analyze these signatures. The plugin highlights matching parts in a binary when its given a particular signature
Microsoft Patch Tuesday - September 2018
Microsoft released its monthly set of security updates today for a variety of its products that address a variety of bugs. The latest Patch Tuesday covers 61 vulnerabilities, 17 of which are rated "critical," 43 that are rated "important" and one that is consi
Threat Roundup for August 31 to September 7
Today, as we do every week, Talos is giving you a glimpse into the most prevalent threats we’ve observed this week — covering the dates between Aug. 31 and Sept. 7. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, we will summarize the threat
Vulnerability Spotlight: CVE-2018-3952 / CVE-2018-4010 - Multi-provider VPN Client Privilege Escalation Vulnerabilities
Discovered by Paul Rascagneres. Overview Cisco Talos has discovered two similar vulnerabilities in the ProtonVPN and NordVPN VPN clients. The vulnerabilities allow attackers to execute code as an administrator on Microsoft Windows operating systems from a standard user. The
