Talos
Talos Vulnerability Discovery Year in Review – 2018
Introduction: Cisco Talos’ Vulnerability Discovery Team investigates software and operating system vulnerabilities in order to discover them before malicious threat actors. We provide this information to vendors so that they can create patches and protect their customers as soon as possible. We…
Rocke: The Champion of Monero Miners
This post was authored by David Liebenberg. Summary: Cryptocurrency miners are becoming an increasingly significant part of the threat landscape. These malicious miners steal CPU cycles from compromised devices to mine cryptocurrencies and bring in income for the threat actor. In this post, we look a…
Exploitable or Not Exploitable? Using REVEN to Examine a NULL Pointer Dereference.
It can be very time-consuming to determine if a bug is exploitable or not. In this post, we’ll show how to decide if a vulnerability is exploitable by tracing back along the path of execution that led to a crash. Probing for software vulnerabilities through fuzzing tends to lead to the identificatio…
TalosIntelligence.com is rolling out a new dispute system
At Cisco Talos, we need customers to be able to provide feedback at all times, whether it be about false positives, false negatives, or missed categories. Because we deal with an abundance of data across our platforms — such as IPS alerts, AMP alerts and more — feedback helps us test the efficacy of…
Security: Is it Mission Impossible?
International intrigue. Rogue actors. Cybercrime. You might think I’m talking about Tom Cruise and his record-breaking sixth “Mission Impossible” movie. But I’m not. I’m talking about what happens to enterprises with a frequency that is a lot higher than most people suspect. Daily—sometimes hourly—t…
Vulnerability Spotlight: Multiple Vulnerabilities in Sony IPELA E Series Camera
Today, Cisco Talos is disclosing several vulnerabilities discovered with the Sony IPELA E Series Network Camera. Sony IPELA Cameras are network-facing cameras used for monitoring and surveillance.
My Little FormBook
Cisco Talos has been tracking a new campaign involving the FormBook malware since May 2018 that utilizes four different malicious documents in a single phishing email. FormBook is an inexpensive stealer available as “malware as a service.” This means an attacker can purchase a compiled p…
Vulnerability Spotlight: Multiple Remote Vulnerabilities In Insteon Hub PubNub
Cisco Talos is disclosing twelve new vulnerabilities in Insteon Hub, ranging from remote code execution to denial of service. The majority of the vulnerabilities have their root cause in the unsafe usage of the strcpy() function, leading either to stack overflow or global overflow.
VPNFilter Update – VPNFilter exploits endpoints, targets new devices
Introduction: Cisco Talos, while working with our various intelligence partners, has discovered additional details regarding “VPNFilter.” In the days since we first published our findings on the campaign, we have seen that VPNFilter is targeting more makes/models of devices than initially…