Vulnerability Spotlight: Use-after-free in Google Chrome could lead to code execution
Marcin Towalski of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered an exploitable use-after-free vulnerability in Google Chrome. Google Chrome is a cross-platform web browser — and Chromium is the open-source version of the browser that other software
Threat Roundup for January 28 to February 4
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Jan. 28 and Feb. 4. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting ke
Arid Viper APT targets Palestine with new wave of politically themed phishing attacks, malware
Cisco Talos has observed a new wave of Delphi malware called Micropsia developed and operated by the Arid Viper APT group since 2017. * This campaign targets Palestinian entities and activists using politically themed lures. * The latest iteration of the implant contains multi
Vulnerability Spotlight: Multiple vulnerabilities in Sealevel SeaConnect
Francesco Benvenuto and Matt Wiseman of Cisco Talos discovered these vulnerabilities. Update (Feb. 16, 2022): We are also disclosing a vulnerability in the Texas Instruments CC3200 SimpleLink microcontroller that is related to the SeaConnect vulnerabilities outlined in this post
Iranian APT MuddyWater targets Turkish users via malicious PDFs, executables
Cisco Talos has observed a new campaign targeting Turkish private organizations alongside governmental institutions. * Talos attributes this campaign with high confidence to MuddyWater — an APT group recently attributed to Iran's Ministry of Intelligence and Security (MOIS
Vulnerability Spotlight: Memory corruption and use-after-free vulnerabilities in Foxit PDF Reader
Aleksandar Nikolic of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered a memory corruption and use-after-free vulnerability in the Foxit PDF Reader. Foxit PDF Reader is one of the most popular PDF document readers currently avai
Threat Roundup for January 21 to January 28
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Jan. 21 and Jan. 28. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting k
Threat Source Newsletter (Jan. 27, 2022)
Good afternoon, Talos readers. It's great to have New Year's resolutions and all. But we don't want you taking the wrong lessons away from 2021, either. Like just because Log4j happened doesn't mean you should stop logging or stop using open-source software. The
Beers with Talos, Ep. #115: Everybody's measured by quarters — even threat actors
Beers with Talos (BWT) Podcast episode No. 115 is now available. Download this episode and subscribe to Beers with Talos: * Apple Podcasts * Google Podcasts * Spotify * Stitcher Recorded Jan. 14, 2022. If iTunes and Google Play aren't your thing, click here. We wanted