November 3, 2017 11:06

Beers with Talos EP 16: Strong Copy - Bad Rabbit and the Nyetya Connection

Beers with Talos (BWT) Podcast Episode 16 is now available. Download this episode and subscribe to Beers with Talos: The crew takes on Apache OpenOffice vulns and when you need one CVE versus one hundred. We spend a lot of time discussing signal-to-noise ratio and Twitter canar

November 2, 2017 11:55

Poisoning the Well: Banking Trojan Targets Google Search Results

This blog post was authored by Edmund Brumaghin, Earl Carter and Emmanuel Tacheau. Summary: It has become common for users to use Google to find information that they do not know. In a quick Google search you can find practically anything you need to know. Links returned by

October 31, 2017 15:04

Vulnerability Spotlight: The Circle of a Bug’s Life

Overview: Cisco Talos is disclosing several vulnerabilities identified in Circle with Disney. Circle with Disney is a network device designed to monitor the Internet use of children on a given network. Circle pairs wirelessly with your home Wi-Fi and allows you to manage every de

October 31, 2017 11:12

Vulnerability Spotlight: Multiple Vulnerabilities in Cesanta Mongoose Server

These vulnerabilities were discovered by Aleksandar Nikolic of Cisco Talos. Today, Talos is disclosing several vulnerabilities that have been identified in Cesanta Mongoose server. Cesanta Mongoose is a library implementing a number of networking protocols, including HTTP, MQTT,

October 27, 2017 18:45

Threat Round Up for Oct 20 - Oct 27

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between October 20 and October 27. As with previous round-ups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlig

October 26, 2017 10:26

Vulnerability Spotlight: Apache OpenOffice Vulnerabilities

Discovered by Marcin ‘Icewall’ Noga of Cisco Talos. Overview: Today, Talos is releasing details of three new vulnerabilities discovered within the Apache OpenOffice application. The first vulnerability, TALOS-2017-0295 within OpenOffice Writer, the second TALOS-2017-0300 in the Draw

October 24, 2017 16:51

Threat Spotlight: Follow the Bad Rabbit

Note: This blog post discusses active research by Talos into a new threat. This information should be considered preliminary and will be updated as research continues. Update 2017-10-26 16:10 EDT: added additional information regarding the links between Nyetya and BadRabbit. Upd

October 22, 2017 12:22

“Cyber Conflict” Decoy Document Used In Real Cyber Conflict

Update 10/23: CCDCOE released a statement today on their website. Introduction: Cisco Talos discovered a new malicious campaign from the well-known actor Group 74 (aka Tsar Team, Sofacy, APT28, Fancy Bear…). Ironically, the decoy document is a deceptive flyer relating to the Cyb

October 19, 2017 16:51

Vulnerability Spotlight: Google PDFium Tiff Code Execution

Overview: Talos is disclosing a single off-by-one read/write vulnerability found in the TIFF image decoder functionality of PDFium as used in Google Chrome up to and including version 60.0.3112.101. Google Chrome is the most widely used web browser today and a specially crafted P