Talos
New VPNFilter malware targets at least 500K networking devices worldwide
Intro: For several months, Talos has been working with public- and private-sector threat intelligence partners and law enforcement in researching an advanced, likely state-sponsored or state-affiliated actor’s widespread use of a sophisticated modular malware system we call “VPNFilter.…
The 3 Ps of Comprehensive Cybersecurity
There is no question that the threat of cybersecurity breaches is business-impacting in our ever more connected world. There are two data points that I like to use on this matter to illustrate the impact: According to a CIO Insight survey, 71% of executives surveyed said that concerns over cy…
Talos Threat Round Up for April 20-27
Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between April 06 and April 13. As with previous round-ups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavior…
Perspectives on Cryptomining
If you keep up with trends in security, you’ve likely heard about illicit cryptomining – software that hijacks system resources to generate cryptocurrencies. We’ve been busy updating our product portfolio to detect and protect against this new class of threat. We released a paper on illicit cryptomi…
Cryptomining Campaign Returns Coal and Not Diamond
Soon after the launch of a new cryptocurrency, Bitvote, in January, Talos discovered a new mining campaign affecting systems in India, Indonesia, Vietnam and several other countries that was tied to Bitvote. Apart from the fact that the attackers have chosen to target the new bitcoin fork in order to…
Updates for BASS
This blog post was authored by Jonas Zaddach and Mariano Graziano. Cisco Talos has rolled out a series of improvements to the BASS open-source framework aimed at speeding up its ability to provide coverage for new malware families. Talos released BASS (pronounced “bæs”), an open-source f…
Vulnerability Spotlight: Multiple Vulnerabilities in Moxa EDR-810 Industrial Secure Router
These vulnerabilities were discovered by Carlos Pacho of Cisco Talos. Today, Talos is disclosing several vulnerabilities that have been identified in the Moxa EDR-810 industrial secure router. The Moxa EDR-810 is an industrial secure router with firewall/NAT/VPN and managed Layer 2 switch functions. It is de…
Malware monitor – leveraging PyREBox for malware analysis
This post was authored by Xabier Ugarte Pedrero. In July 2017 we released PyREBox, a Python Scriptable Reverse Engineering Sandbox, as an open-source tool. This project is part of our continuous effort to create new tools to improve our workflows. PyREBox is a versatile instrumentation framework based…
Vulnerability Spotlight: Multiple Simple DirectMedia Layer Vulnerabilities
Discovered by Lilith Wyatt of Cisco Talos. Overview: Talos is disclosing several vulnerabilities identified in Simple DirectMedia Layer’s SDL2_Image library that could allow code execution. Simple DirectMedia Layer is a cross-platform development library designed to provide low-level access to a…