Blog
Recent
- March 8, 2018 February 22, 2018
March 8, 2018 16:15

Beers with Talos EP24: Reflections on DDoS and Bad Authentication Schemes

By Mitch Neff
Beers with Talos
March 6, 2018 10:59

Gozi ISFB Remains Active in 2018, Leverages "Dark Cloud" Botnet For Distribution

This blog post was authored by Edmund Brumaghin and Holger Unterbrink, with contributions from Adam Weller. Executive Summary Gozi ISFB is a well-known and widely distributed banking trojan, and has been in the threat landscape for the past several years. Banking trojans are

By Edmund Brumaghin, Holger Unterbrink
March 1, 2018 16:21

Vulnerability Spotlight: Simple DirectMedia Layer’s SDL2_Image

Overview Talos is disclosing several vulnerabilities identified in Simple DirectMedia Layer's SDL2_Image library that could allow code execution. Simple DirectMedia Layer is a cross-platform development library designed to provide low-level access to audio, keyboard, mouse,

By William Largent
Vulnerability Spotlight
March 1, 2018 10:29

Vulnerability Spotlight: Dovecot out-of-bounds Read Vulnerability

Overview Today, Cisco Talos is disclosing a single out-of-bounds read vulnerability in the Dovecot IMAP server. Dovecot is a popular internet message access protocol, or IMAP, server with performance and security-oriented design. It is a popular choice for robust email servers.

By Earl Carter
February 28, 2018 10:16

CannibalRAT targets Brazil

By Vitor Ventura
RAT
February 26, 2018 13:03

Who Wasn’t Responsible for Olympic Destroyer?

Summary Absent contributions from traditional intelligence capacities, the available evidence linking the Olympic Destroyer malware to a specific threat actor group is contradictory, and does not allow for unambiguous attribution. The threat actor responsible for the attack has

By Paul Rascagneres, Martin Lee
February 23, 2018 12:40

Threat Round Up for Feb 16 - 23

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between February 16 and February 23. As with previous round-ups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highl

By Alexander Chiu
Threat Roundup
February 23, 2018 10:22

Vulnerability Spotlight: Adobe Acrobat Reader DC Document ID Remote Code Execution Vulnerability

Discovered by Aleksandar Nikolic of Cisco Talos Overview Today, Talos is releasing details of a new vulnerability within Adobe Acrobat Reader DC. Adobe Acrobat Reader is the most popular and most feature-rich PDF reader. It has a big user base, is usually a default PDF reader

By Warren Mercer
February 22, 2018 19:58

Beers with Talos EP23 - Eternal Fauxmance: Attribution Easter Eggs

Featuring: Craig Williams (@Security_Craig), Joel Esler (@JoelEsler), Matt Olney (@kpyke) and Nigel Houghton (@EnglishLFC). Hosted by Mitch Neff (@MitchNeff). Find all episodes: http://cs.co/talospodcast Subscribe via iTunes (and leave a review!) http://cs.co/talositunes Check

By Mitch Neff
Beers with Talos