Operation Blockbuster: Coverage for the Lazarus Group
The threat landscape is in constant flux. In many situations, the entire security community must work together to combat some of today’s larger threats. Novetta researched a group of malware families that all appear to be related to the same group of threat actors dubbed “The Laz
Bedep Lurking in Angler's Shadows
This post is authored by Nick Biasini. In October 2015, Talos released our detailed investigation of the Angler Exploit Kit which outlined the infrastructure and monetary impact of an exploit kit campaign delivering ransomware. During the investigation we found that two thirds o
Microsoft Patch Tuesday - February 2016
Today, Microsoft has released their monthly set of security bulletins designed to address security vulnerabilities within their products. This month’s release contains twelve bulletins addressing 37 vulnerabilities. Five bulletins are rated critical and address vulnerabilities in
The Internet of Things Is Not Always So Comforting
This post is authored by Alex Chiu. Over the past few years, the Internet of Things (IoT) has emerged as reality with the advent of smart refrigerators, smart HVAC systems, smart TVs, and more. Embedding internet-enabled devices into everything presents new opportunities in conn
Vulnerability Spotlight: Libgraphite Font Processing Vulnerabilities
Vulnerabilities Discovered by Yves Younan of Cisco Talos. Talos is releasing an advisory for four vulnerabilities that have been found within the Libgraphite library, which is used for font processing in Linux, Firefox, LibreOffice, and other major applications. The most severe
Bypassing MiniUPnP Stack Smashing Protection
This post was authored by Aleksandar Nikolic, Warren Mercer, and Jaeson Schultz Summary MiniUPnP is commonly used to allow two devices which are behind NAT firewalls to communicate with each other by opening connections in each of the firewalls, commonly known as “hole punchin
Research Spotlight: Needles in a Haystack
This post was authored by Mariano Graziano. Malware sandboxes are automated dynamic analysis systems that execute programs in a controlled environment. Within the large volumes of samples submitted daily to these services, some submissions appear to be different from others and
Microsoft Patch Tuesday - January 2016
The first Patch Tuesday of 2016 has arrived. Today, Microsoft has released their monthly set of security bulletins designed to address security vulnerabilities within their products. This month’s release is relatively light with nine bulletins addressing 25 vulnerabilities. Six b
Rigging compromise - RIG Exploit Kit
This post was authored by Nick Biasini with contributions by Joel Esler. Exploit Kits are one of the biggest threats that affects users, both inside and outside the enterprise, as it indiscriminately compromises simply by visiting a web site, delivering a malicious payload. One