April 4, 2016 12:04

Research Spotlight: Enabling Evil for Pocket Change

This post is authored by Tazz. Executive Summary: At the end of February, one of the researchers on the team received a solicitation email from a domain reseller, which she reviewed the first week of March. The email was from Namecheap offering deeply discounted domains for

March 31, 2016 10:54

Vulnerability Spotlight: Lhasa Integer Underflow Exploit

Vulnerability discovered by Marcin Noga of Cisco Talos. Talos is disclosing the discovery of vulnerability TALOS-2016-0095 / CVE-2016-2347 in the Lhasa LZH/LHA decompression tool and library. This vulnerability is due to an integer underflow condition. The software verifies that

March 23, 2016 16:38

SamSam: The Doctor Will See You, After He Pays The Ransom

Cisco Talos is currently observing a widespread campaign leveraging the Samas/Samsam/MSIL.B/C ransomware variant. Unlike most ransomware, SamSam is not launched via user focused attack vectors, such as phishing campaigns and exploit kits. This particular family seems to be distri

March 22, 2016 17:57

Vulnerability Spotlight: Apple OS X Graphics Kernel Driver Local Privilege Escalation Vulnerability

Vulnerability discovered by Piotr Bania of Cisco Talos. Cisco Talos, in conjunction with Apple’s security advisory issued on Mar 22, is disclosing the discovery of a local vulnerability in the communication functionality of the Apple Intel HD3000 Graphics kernel driver. This vul

March 21, 2016 11:06

Malware Word Search: Identifying Angler's Dictionary

This post authored by Steve Poulson with contributions from Nick Biasini. Exploit kits are constantly evolving and changing. We recently wrote about some subtle Angler changes but then Angler changed drastically on March 8. In this blog post, we will briefly cover these changes,

March 16, 2016 10:58

TeslaCrypt 3.0.1 - Tales From The Crypt(o)!

This post is authored by Andrea Allievi and Holger Unterbrink. Executive Summary: Ransomware is malicious software that is designed to hold users' files (such as photos, documents, and music) for ransom by encrypting their contents and demanding the user pay a fee to decryp

March 8, 2016 15:00

Microsoft Patch Tuesday - March 2016

Patch Tuesday for March 2016 has arrived. Today, Microsoft has released their monthly set of security bulletins designed to address security vulnerabilities within their products. This month’s release contains 13 bulletins addressing 44 vulnerabilities. Five bulletins are rated c

March 1, 2016 10:58

Angler Attempts to Slip the Hook

This post authored by Nick Biasini with contributions from Joel Esler, Erick Galinkin and Melissa Taylor. Talos has discussed at length the sophistication of the Angler exploit kit. One thing that always makes Angler stand apart is the speed with which they develop and implement

February 29, 2016 13:05

Tax Scams Gone International

Tax time in the US is quickly approaching. Everyone should be on the lookout for scams that are designed to trick you out of your money and personal information. The IRS is warning users about an increase in the number of email scams being used this year. However, these attacks a