BASS - BASS Automated Signature Synthesizer
This blog post was authored by Jonas Zaddach and Mariano Graziano. Executive Summary Given the rapid pace of change in the threat landscape with new threats emerging and existing ones evolving, there are bound to be challenges defenders face. These challenges can manifest in m
Deep dive in Lexmark Perceptive Document Filters Exploitation
This post was authored by Marcin Noga with contributions from Nick Biasini. Introduction Talos discovers and releases software vulnerabilities on a regular basis. We don't always publish a deep technical analysis of how the vulnerability was discovered or its potential impact.
Microsoft Patch Tuesday - June 2017
Today, Microsoft has released its monthly set of security updates designed to address vulnerabilities. This month's release addresses 92 vulnerabilities with 17 of them rated critical and 75 rated important. Impacted products include Edge, Internet Explorer, Office, Sharepoi
BWT EP6: Enter the Talos, But Please Use a Unique Password
LISTEN HERE: Listen via iTunes Listen directly on the Talos Podcasts page. Episode Notes: The team discusses how to get into threat intel and join a team like Talos. There are many routes to enter the Talos, but no exits. Seriously, they won’t let me leave. Passwords, vaults
Threat Round-up for June 2 - June 9
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between June 02 and June 09. As with previous round-ups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting
The Internet of Vulnerable Things
Introduction Technological progress is resulting in computing systems that are smaller, cheaper and consuming less power. These micro-computing systems are able to be integrated into everyday objects; when coupled with ubiquitous wireless connectivity these devices form the “Inte
BWT EP5 - It Has Been 0-days Since This Term was Abused
Beers with Talos Episode 5 "It Has Been 0-days Since This Term was Abused" is now available Listen here: Listen via iTunes Listen directly on the Talos Podcasts page. Episode Notes: The crew talks about the potential of Samba echoing WannaCry and blocking SMB ports
Threat Round-up for May 19 - May 26
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between May 19 and May 26. As with previous round-ups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting ke
Samba Vulnerability: Dancing Its Way to a Network Near You
Overview Today, a new vulnerability affecting the widely used Samba software was released. Samba is the SMB/CIFS protocol commonly used in *NIX operating systems. CVE-2017-7494 has the potential to impact many systems around the world. This vulnerability could allow a user to up