Talos
Vulnerability Spotlight: Total Commander FileInfo Plugin Denial of Service
Talos is releasing an advisory for multiple vulnerabilities that have been found within the Total Commander FileInfo Plugin. These vulnerabilities are local denial of service flaws and have been assigned CVE-2015-2869. In accordance with our Vendor Vulnerability Reporting and Disclosure policy, thes…
Microsoft Patch Tuesday – July 2015
Today, Microsoft has released their monthly set of security bulletins designed to address security vulnerabilities within their products. This month’s release sees a total of 14 bulletins being released which address 57 CVEs. Four of the bulletins are listed as Critical and address vulnerabilities i…
Ding! Your RAT has been delivered
This post was authored by Nick Biasini Talos is constantly observing malicious spam campaigns delivering various different types of payloads. Common payloads include things like Dridex, Upatre, and various versions of Ransomware. One less common payload that Talos analyzes periodically are Remote Ac…
Vulnerability Spotlight: Apple Quicktime Corrupt stbl Atom Remote Code Execution
This post was authored by Rich Johnson, William Largent, and Ryan Pentney. Earl Carter contributed to this post. Cisco Talos, in conjunction with Apple’s security advisory issued on June 30th, is disclosing the discovery of a remote code execution vulnerability within Apple Quicktime. This vulnerab…
Hook, Line & Sinker: Catching Unsuspecting Users Off Guard
This post was authored by Earl Carter. Attackers are constantly looking for ways to monetize their malicious activity. In many instances this involves targeting user data and accounts. Talos continues to see phishing attacks targeting customers of multiple high profile financial institutions. In th…
Domain Shadowing Goes Nuclear: A Story in Failed Sophistication
This post was authored by Nick Biasini Exploit Kits are constantly altering their techniques to compromise additional users while also evading detection. Talos sees various campaigns start and stop for different exploit kits all the time. Lately a lot of focus has been put on Angler, and rightly so…
Microsoft Patch Tuesday – June 2015
Today, Microsoft has released their monthly set of security bulletins designed to address security vulnerabilities within their products. This month’s release sees a total of 8 bulletins being released which address 45 CVE. Two of the bulletins are listed as Critical and address vulnerabilities in I…
My Resume Protects All Your Files
This post was authored by Nick Biasini Talos has found a new SPAM campaign that is using multiple layers of obfuscation to attempt to evade detection. Spammers are always evolving to get their messages to the end users by bypassing SPAM filters while still appearing convincing enough to get a user…
Angler EK: More Obfuscation, Fake Extensions, and Other Nonsense
This post was authored by Nick Biasini Late last week Talos researchers noticed a drastic uptick in Angler Exploit Kit activity. We have covered Angler previously, such as the discussion of domain shadowing. This exploit kit evolves on an almost constant basis. However, the recent activity caught ou…