Talos

This post was authored by Earl Carter & Yves Younan. Talos is constantly researching the ways in which threat actors take advantage of security weaknesses to exploit systems. Use-after-free vulnerabilities have become an important class of security problems due to the existence of mitigations th…

            Intro Historically, networks have always been at risk for new, undiscovered threats. The risk of state sponsored hackers or criminal organizations utilizing 0-day was a constant, and the best defense was simply to keep adding on technologies to maximize th…

This post was authored by Alex Chiu & Angel Villegas. Overview Banking and sensitive financial information is a highly coveted target for attackers because of the high value and obvious financial implications.  In the past year, a large amount of attention has been centered on Point of Sale (PoS…

Authors: William Largent, Jaeson Schultz, Craig Williams. Special thanks to Richard Harman for his contributions to this post. As consumers, we are constantly bombarded by advertising, especially on the World Wide Web. There is a lot of money to be made either pushing Internet traffic, or displaying…

This blog post was authored by Earl Carter & Yves Younan. Talos is constantly researching the ways in which threat actors take advantage of security weaknesses to exploit systems. Yves Younan of Talos will be presenting at CanSecWest on Friday March 20th. The topic of his talk will be FreeSentry…

This post was authored by Nick Biasini, Alex Chiu, Jaeson Schultz, and Craig Williams. Special thanks to William McVey for his contributions to this post. Table of Contents Overview WHOIS Privacy Protection Why Does This Exist The Issue Implications for the Good/Bad Guys Current State and Mitigatio…

Today, Microsoft has released their monthly set of security bulletins designed to address security vulnerabilities within their products.  This month’s release sees a total of 14 bulletins being released which address 45 CVEs.  The first 5 bulletins are rated critical and address vulnerabilities wit…

This post was authored by Nick Biasini and edited by Joel Esler Overview Over the last several months Talos researchers have been monitoring a massive exploit kit campaign that is utilizing hijacked registrant accounts to create large amounts of subdomains for both initial redirection and exploitati…

If you’re an experienced malware reverse engineer, exploit developer, response specialist, intel analyst, or looking to start your career in security, Talos might be the place for you.  We have a number of positions open in Columbia, Maryland; Austin, Texas; San Jose, California; and San Francisco,…