VPNFilter Update - VPNFilter exploits endpoints, targets new devices
Introduction Cisco Talos, while working with our various intelligence partners, has discovered additional details regarding "VPNFilter." In the days since we first published our findings on the campaign, we have seen that VPNFilter is targeting more makes/models of dev
Talos Threat Research Summit Guide and Cisco Live Preview
Vulnerability Spotlight: TALOS-2018-0535 - Ocularis Recorder VMS_VA Denial of Service Vulnerability
Vulnerabilities discovered by Carlos Pacho from Talos Overview Talos is disclosing a denial-of-service vulnerability in the Ocularis Recorder. Ocularis is a video management software (VMS) platform used in a variety of settings, from convenience stores, to city-wide deployments
NavRAT Uses US-North Korea Summit As Decoy For Attacks In South Korea
This blog post is authored by Warren Mercer and Paul Rascagneres with contributions from Jungsoo An. Executive Summary Talos has discovered a new malicious Hangul Word Processor (HWP) document targeting Korean users. If a malicious document is opened, a remote access trojan tha
Vulnerability Spotlight: Natus NeuroWorks Multiple Vulnerabilities
Vulnerabilities discovered by Cory Duplantis from Cisco Talos. Overview In April 2018, Talos published five vulnerabilities in Natus NeuroWorks software. We have also identified three additional vulnerabilities. This software is used in the Natus Xltek EEG medical products fr
Beers with Talos EP 30 - VPNFilter, the Unfiltered Story
Threat Roundup for May 18-25
Welcome to Cisco Talos' weekly Threat Roundup, where we go over some of the most prevalent malware and vulnerabilities we've seen over the past week. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the thr
New VPNFilter malware targets at least 500K networking devices worldwide
For several months, Talos has been working with public- and private-sector threat intelligence partners and law enforcement in researching an advanced, likely state-sponsored or state-affiliated actor's widespread use of a sophisticated modular malware system we call "VP
