Blog
Recent
April 4, 2018 14:30

Vulnerability Spotlight: Natus NeuroWorks Multiple Vulnerabilities

Vulnerabilities discovered by Cory Duplantis from Talos. Overview: Talos has discovered multiple vulnerabilities in Natus NeuroWorks software. This software is used in the Natus Xltek EEG medical products from Natus Medical Inc. The vulnerable devices contain an ethernet conne

April 3, 2018 09:21

Vulnerability Spotlight: Moxa AWK-3131A Multiple Features Login Username Parameter OS Command Injection Vulnerability

This vulnerability was discovered by Patrick DeSantis and Dave McDaniel of Cisco Talos. Today, Talos is disclosing TALOS-2017-0507 (CVE-2017-14459), a vulnerability that has been identified in the Moxa AWK-3131A industrial wireless access point. The Moxa AWK-3131A Industrial IEEE 802

April 2, 2018 11:48

Fake AV Investigation Unearths KevDroid, New Android Malware

This blog post is authored by Warren Mercer, Paul Rascagneres and Vitor Ventura, with contributions from Jungsoo An. Summary: Several days ago, EST Security published a post concerning a fake antivirus malware targeting the Android mobile platform. In the Korean media, it was m

March 28, 2018 15:59

Vulnerability Spotlight: Multiple Vulnerabilities in Allen Bradley MicroLogix 1400 Series Devices

These vulnerabilities were discovered by Jared Rittle and Patrick DeSantis of Cisco Talos. Summary: Rockwell Automation Allen-Bradley MicroLogix 1400 Programmable Logic Controllers (PLCs) are marketed for use in a variety of different Industrial Control System (ICS) applications

March 28, 2018 14:26

Vulnerability Spotlight: Multiple Nvidia D3D10 Driver Pixel Shader Vulnerabilities

Discovered by Piotr Bania of Cisco Talos. Overview: Today, Cisco Talos is disclosing multiple vulnerabilities that exist within the Nvidia D3D10 driver. This driver is used throughout multiple GPU product lines available from Nvidia. This is a commonly used driver, and exploitat

March 26, 2018 10:45

Forgot About Default Accounts? No Worries, GoScanSSH Didn’t

This blog post was authored by Edmund Brumaghin, Andrew Williams, and Alain Zidouemba. Executive Summary: During a recent Incident Response (IR) engagement, Talos identified a new malware family that was being used to compromise SSH servers exposed to the internet. This malwa

March 13, 2018 17:38

Microsoft Patch Tuesday - March 2018

Today, Microsoft has released its monthly set of security advisories for vulnerabilities that have been identified and addressed in various products. This month's advisory release addresses 74 new vulnerabilities, with 14 of them rated cri