Ransomware: Because OpSec is Hard?
This blog was authored by Edmund Brumaghin and Warren Mercer. Summary: Talos recently published research regarding a new variant of destructive ransomware, which we dubbed Ranscam. During further analysis of Ranscam samples, we discovered several indicators of compromise (IOCs
Vulnerability Spotlight: OpenOffice Impress MetaActions Arbitrary Read Write Vulnerability
This vulnerability was discovered by Richard Johnson and Yves Younan of Cisco Talos. Talos is releasing an advisory for a vulnerability in OpenOffice Impress. (TALOS-2016-0051/CVE-2016-1513). Talos has discovered an exploitable out-of-bounds vulnerability which exists in OpenOff
Vulnerability Spotlight: Oracle's Outside In Technology, Turned Inside-Out
Vulnerabilities discovered by Aleksandar Nikolic. Blog post authored by Jaeson Schultz and Aleksandar Nikolic. One of the most fundamental tasks performed by many software programs involves the reading, writing, and general processing of files. In today's highly networked en
Vulnerability Spotlight: Apple Remote Code Execution With Image Files
Vulnerabilities discovered by Tyler Bohan of Cisco Talos. Many of the wide variety of file formats are designed for specialized uses within specific industries. Apple offers APIs as interfaces to provide a definitive way to access image data for multiple image formats on the App
Microsoft Patch Tuesday - July 2016
This post was authored by William Largent. Today, Microsoft has released their monthly set of security bulletins designed to address security vulnerabilities within their products. This month’s release has 11 bulletins addressing 49 vulnerabilities. 6 of these bulletins are ra
When Paying Out Doesn't Pay Off
This blog post was authored by Edmund Brumaghin and Warren Mercer. Summary: Talos recently observed a new ransomware variant targeting users. This ransomware shows that new threat actors are continuing to enter the ransomware market at a rapid pace due to the lucrative nature of
Vulnerability Spotlight: Local Code Execution via the Intel HD Graphics Windows Kernel Driver
This vulnerability was discovered by Piotr Bania. Talos, in coordination with Intel, is disclosing the discovery of TALOS-2016-0087, a local arbitrary code execution vulnerability within the Intel HD Graphics Windows Kernel Driver. This vulnerability exists in the communication
Vulnerability Spotlight: Symantec Norton Security IDSvix86 PE Remote System Denial of Service
Vulnerability discovered by Piotr Bania of Cisco Talos. Talos is disclosing the presence of a denial of service vulnerability (CVE-2016-5308 / TALOS-2016-0182) in the Portable Executable file scanning functionality of Symantec Norton Security. A specially crafted PE file can cau
Connecting the Dots Reveals Crimeware Shake-up
This post was authored by Nick Biasini. For a couple of weeks in June the threat landscape was changed. Several high profile threats fell off the scene, causing a shake-up that hadn't been seen before. For a period of three weeks the internet was safer, if only for a short time.