April 14, 2017 14:54

Cisco Coverage for CVE-2017-0199

Over the past week, information regarding a serious zero-day vulnerability (CVE-2017-0199) in Microsoft Office was publicly disclosed. Since learning of this flaw, Talos has been actively investigating the issue. Preliminary reports indicated that this vulnerability was activel

April 11, 2017 23:11

Microsoft Patch Tuesday - April 2017

It’s that time again! Today we bring you April’s Microsoft Patch Tuesday information. These fixed vulnerabilities affect Outlook, Edge, Internet Explorer, Hyper-V, .NET, and Scripting Engine. Bulletins Rated Critical CVE-2017-0106 outlines a vulnerability in Microsoft Word. It

April 10, 2017 12:11

From Box to Backdoor: Discovering Just How Insecure an ICS Device is in Only 2 Weeks

This post was authored by Martin Lee and Warren Mercer, based on research conducted by Patrick DeSantis. *blog post was updated with additional information for Day 4 on April 21. Industrial Control Systems provide stability to civilization. They clean our water, deliver our pow

April 7, 2017 16:49

Threat Round-up for Mar 31 - Apr 7

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between March 31 and April 7. As with previous round-ups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting

April 6, 2017 09:30

Hacking the Belkin E Series OmniView 2-Port KVM Switch

Author: Ian Payton, Security Advisory EMEAR This post is available to download as a whitepaper. Introduction Too frequently security professionals only consider software vulnerabilities when considering the risks of connecting devices to their networks and systems. When it com

April 3, 2017 11:01

Introducing ROKRAT

This blog was authored by Warren Mercer and Paul Rascagneres with contributions from Matthew Molyett. Executive Summary A few weeks ago, Talos published research on a Korean MalDoc. As we previously discussed this actor is quick to cover their tracks and very quickly cleaned up

March 31, 2017 17:18

Threat Round-up for Mar 24 - Mar 31

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between March 24 and March 31. As with previous round-ups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlightin

March 31, 2017 08:40

Threat Spotlight: Sundown Matures

This post was authored by Nick Biasini with contributions from Edmund Brumaghin and Alex Chiu. The last time Talos discussed Sundown it was an exploit kit in transition. Several of the large exploit kits had left the landscape and a couple of strong contenders remain. Sundown was one

March 29, 2017 09:37

Vulnerability Spotlight: Exploiting Network Time Protocol Origin Timestamp Check Denial of Service Vulnerability

Vulnerabilities discovered by Matthew Van Gundy from Cisco ASIG. Overview: As a member of the Linux Foundation Core Infrastructure Initiative, Cisco is contributing to the CII effort by evaluating the Network Time Protocol daemon (ntpd) for security defects. We previously identif