Articles
Vulnerability Spotlight: Multiple Antenna House Vulnerabilities
Discovered by Marcin Noga of Cisco Talos Overview Cisco Talos has identified six vulnerabilities in the Antenna House Office Server Document Converter (OSDC). These vulnerabilities can be used to remotely execute code on a vulnerable system. Antenna House Office Server Document Converter is a produc…
Vulnerability Spotlight: Multiple Adobe Acrobat DC Remote Code Execution Vulnerabilties
Discovered by Aleksandar Nikolic of Cisco Talos Overview Today, Talos is releasing details of a new vulnerabilities within Adobe Acrobat Reader DC. Adobe Acrobat Reader is the most popular and most feature-rich PDF reader. It has a big user base, is usually a default PDF reader on systems and integr…
Threat Roundup for June 29 to July 6th
Today, as we do every week, Talos is giving you a glimpse into the most prevalent threats we’ve observed this week — covering the dates between June 29 and July 6. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, it will summarize the threats we’…
Smoking Guns – Smoke Loader learned new tricks
Cisco Talos has been tracking a new version of Smoke Loader — a malicious application that can be used to load other malware — for the past several months following an alert from Cisco Advanced Malware Protection’s (AMP) Exploit Prevention engine. AMP successfully stopped the malware before it was a…
Threat Roundup for June 22-29
Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between June 22 and June 29. As with previous round-ups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral…
Vulnerability Spotlight: VMWare Workstation DoS Vulnerability
Today, Talos is disclosing a vulnerability in VMWare Workstation that could result in Denial of Service. VMWare Workstation is a widely used virtualization platform designed to run alongside a normal operating system, allowing users to use both virtualized and physical systems concurrently. TALOS-2…
Files Cannot Be Decrypted? Challenge Accepted. Talos Releases ThanatosDecryptor
This blog post was authored by Edmund Brumaghin, Earl Carter and Andrew Williams. Executive summary Cisco Talos has analyzed Thanatos, a ransomware variant that is being distributed via multiple malware campaigns that have been conducted over the past few months. As a result of our research, we have…
Threat Roundup for June 16-22
Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between June 1 and June 15. As with previous round-ups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral…
My Little FormBook
Cisco Talos has been tracking a new campaign involving the FormBook malware since May 2018 that utilizes four different malicious documents in a single phishing email. FormBook is an inexpensive stealer available as “malware as a service.” This means an attacker can purchase a compiled p…