Cerber Spam: Tor All the Things!
This post authored by Nick Biasini and Edmund Brumaghin with contributions from Sean Baird and Andrew Windsor. Executive Summary Talos is continuously analyzing email based malware always looking at how adversaries change and the new techniques that are being added on an almo
Talos Responsible Disclosure Policy Update
Responsible disclosure of vulnerabilities is a key aspect of security research. Often, the difficulty in responsible disclosure is balancing competing interests - assisting a vendor with patching their product and notifying the general public to prevent a 0-day situation. It is u
Fareit Spam: Rocking Out to a New File Type
This post authored by Nick Biasini. Talos is constantly monitoring the threat landscape including the email threat landscape. Lately this landscape has been dominated with Locky distribution. During a recent Locky vacation Talos noticed an interesting shift in file types being us
Vulnerability Spotlight: Multiple File Parsing Bugs in HDF5 File Library Patched
These vulnerabilities were discovered by the Talos Vulnerability Development Team. Today, Talos is disclosing the discovery of four vulnerabilities which have been identified in HDF5. HDF5 is a file format that is designed to be used for storage and organization of large amounts
Crashing Stacks Without Squishing Bugs: Advanced Vulnerability Analysis
This post is authored by Marcin Noga with contributions by Holger Unterbrink Overview Crash triaging can be a long and complicated process; by using proper tools and having an optimal approach, we can make this a bit easier and less time consuming. In this post we describe a tr
Microsoft Patch Tuesday - November 2016
Today, Microsoft has released their monthly set of security bulletins designed to address security vulnerabilities within their products. For a detailed explanation of each of the categories listed below, please go to https://technet.microsoft.com/en-us/security/gg309177.aspx. T
Take the RIG Pill: Down the Rabbit Hole
The adversaries are leveraging Gates (e.g. EITest) to redirect the users to their Landing Page. This leads to a chain of redirects, before the victim finally gets on the landing page of the exploit kit.
Vulnerability Spotlight: Windows 10 Remote Denial of Service
Vulnerability discovered by Piotr Bania of Cisco Talos. Overview: Talos is releasing an advisory for a remote denial of service attack vulnerability in Microsoft Windows 10 AHCACHE.SYS (TALOS-2016-0191 / CVE-2016-3369). An attacker can craft a malicious portable executable fi
Vulnerability Spotlight: Remotely Exploitable Bugs in Memcached Identified and Patched
Vulnerabilities identified by Aleksandar Nikolich of Talos. Our efforts to make the internet safer and protect our customers involves, amongst many other things, researching and identifying zero-day vulnerabilities in the third-party software. As part of our effort to find and r