Threat Roundup for April 20-27
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between April 20 and 27. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key b
GravityRAT - The Two-Year Evolution Of An APT Targeting India
This blog post is authored by Warren Mercer and Paul Rascagneres. Update: 4/30 Since the publication of the blog post, one of the anti-VM capabilities was commented on a lot on Twitter: the detection of Virtual Machines by checking the temperature of the system. We decided to add mo
Vulnerability Spotlight: Hyland Perceptive Document Filters Multiple Vulnerabilities
Vulnerabilities discovered by Marcin 'Icewall' Noga from Talos Overview Talos has discovered multiple vulnerabilities in Hyland Perceptive Document Filters software. This software is a toolkit that allows developers to read and extract metadata from a file. It supports
Cryptomining Campaign Returns Coal and Not Diamond
Beers with Talos EP27: Smart Install, Vuln Process Realities, and Professional Wrestling
Seriously, we grounded Matt’s computer for misbehaving with the audio. Featuring: Craig Williams (@Security_Craig), Joel Esler (@JoelEsler), Matt Olney (@kpyke) and Nigel Houghton (@EnglishLFC). Hosted by Mitch Neff (@MitchNeff). Find all episodes: http://cs.co/talospodcast Su
Vulnerability Spotlight: Multiple Issues in Foxit PDF Reader
Overview Talos is disclosing five vulnerabilities in Foxit PDF Reader. Foxit PDF Reader is a popular free program for viewing, creating, and editing PDF documents. It is commonly used as an alternative to Adobe Acrobat Reader and has a widely used browser plugin available. Updat
Updates for BASS
This blog post was authored by Jonas Zaddach and Mariano Graziano. Cisco Talos has rolled out a series of improvements to the BASS open-source framework aimed at speeding up its ability to provide coverage for new malware families. Talos released BASS, (pronounced "bæs"
Vulnerability Spotlight: Foscam IP Video Camera Firmware Recovery Unsigned Image Vulnerability
This vulnerability was discovered by Claudio Bozzato of Cisco Talos. Executive Summary The Foscam C1 Indoor HD Camera is a network-based camera that is marketed for a variety of uses, including as a home security monitoring device. Talos recently identified 32 vulnerabilities p
Threat Roundup for April 6 - 13
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between April 6 and 13. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key be