Articles
Threat Spotlight: GozNym
This blog was authored by Ben Baker, Edmund Brumaghin, and Jonah Samost. Executive Summary GozNym is the combination of features from two previously identified families of malware, Gozi and Nymaim. Gozi was a widely distributed banking trojan with a known Domain Generation Algorithm (DGA) and also c…
The Rising Tides of Spam
This blog post was authored by Jaeson Schultz. For the past five years we have enjoyed a relatively calm period with respect to spam volumes. Back at the turn of the decade the world was experiencing record-high volumes of spam. However, with the evolution of new anti-spam technologies, combined wit…
Microsoft Patch Tuesday – September 2016
This post was authored by Jaeson Schultz. Well it’s Microsoft Patch Tuesday, again, and that must mean we are girding our systems against another round of security vulnerabilities. This month Microsoft has released fourteen (14) bulletins covering fifty (50) security vulnerabilities. There are…
Talos ShadowGate Take Down: Global Malvertising Campaign Thwarted
This blog was authored by Nick Biasini. Exploit kits are a class of threat that indiscriminately aims to compromise all users. Talos has continued to monitor this threat over time resulting in large scale research and even resulting in a large scale takedown. The focus of this investigation is on the to…
Vulnerability Spotlight: Multiple DOS Vulnerabilities Within Kaspersky Internet Security Suite
Talos has discovered multiple vulnerabilities in Kaspersky’s Internet Security product which can be used by an attacker to cause a local denial of service attack or to leak memory from any machine running Kaspersky Internet Security software. The vulnerabilities affect Kaspersky Internet Security 16…
Vulnerability Spotlight: Multiple Remote Code Execution Vulnerabilities Within Lexmark Perceptive Document Filters.
Vulnerabilities discovered by Tyler Bohan & Marcin Noga of Cisco Talos. Talos are today releasing three new vulnerabilities discovered within the Lexmark Perceptive Document Filters library. TALOS-2016-0172, TALOS-2016-0173 and TALOS-2016-0183 allow for a remote code execution using specifically…
Vulnerability Spotlight: Rockwell Automation MicroLogix 1400 SNMP Credentials Vulnerability
This vulnerability was discovered by Patrick DeSantis. Description Talos recently discovered a vulnerability in Allen-Bradley Rockwell Automation MicroLogix 1400 Programmable Logic Controllers (PLCs) related to the default configuration that is shipped with devices running affected versions of firmw…
Vulnerability Spotlight: BlueStacks App Player Privilege Escalation
Discovered by Marcin ‘Icewall’ Noga of Cisco Talos. Talos is releasing an advisory for a vulnerability in BlueStacks App Player (TALOS-2016-0124/CVE-2016-4288). The BlueStacks App Player is designed to enable Android applications to run on Windows PCs and Macintosh computers. It’s commonly used to r…
Microsoft Patch Tuesday – August 2016
This post was authored by Edmund Brumaghin and Jonah Samost. Today is Patch Tuesday for August 2016, and Microsoft has released several security bulletins and associated patches to resolve security issues across their products. This month’s patch release includes 9 bulletins addressing 28 vulnerabili…