Articles
Threat Round Up for Nov 10 – Nov 17
1 min read
Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between November 10 and November 17. As with previous round-ups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavior characteristics, indicators of compromise, and how our customers are automatically […]
Vulnerability Spotlight: Multiple Remote Code Execution Vulnerabilities Within libxls
1 min read
Talos is releasing seven new vulnerabilities discovered within the libxls library. These vulnerabilities result in remote code execution using specially crafted XLS files.
Microsoft Patch Tuesday – November 2017
1 min read
Microsoft has released its monthly set of security advisories for vulnerabilities that have been identified and addressed in various products. This month’s advisory release addresses 53 new vulnerabilities with 19 of them rated critical, 31 of them rated important and 3 of them rated moderate. These vulnerabilities impact Microsoft Edge, Internet Explorer, Microsoft Scripting Engine, […]
Vulnerability Spotlight: Multiple Vulnerabilities in Foscam C1 Indoor HD Cameras
1 min read
These vulnerabilities were discovered by Claudio Bozzato of Cisco Talos. Executive Summary The Foscam C1 Indoor HD Camera is a network-based camera that is marketed for use in a variety of applications, including use as a home security monitoring device. Talos recently identified several vulnerabilities present in these devices, and worked with Foscam to develop […]
Poisoning the Well: Banking Trojan Targets Google Search Results
1 min read
By poisoning the search results for specific related keywords, attackers can effectively target specific users in a novel fashion.
Vulnerability Spotlight: The Circle of a Bug’s Life
1 min read
Cisco Talos is disclosing several vulnerabilities identified in Circle with Disney. Circle with Disney is a network device designed to monitor the Internet use of children on a given network. Circle pairs wirelessly, with your home Wi-Fi and allows you to manage every device on the network, tablet, TV, or laptop. It can also pair […]
Vulnerability Spotlight: Multiple Vulnerabilities in Cesanta Mongoose Server
1 min read
These vulnerabilities were discovered by Aleksandar Nikolic of Cisco Talos Today, Talos is disclosing several vulnerabilities that have been identified in Cesanta Mongoose server. Cesanta Mongoose is a library implementing a number of networking protocols, including HTTP, MQTT, MDNS and others. It is designed with embedded devices in mind and as such is used in […]
Threat Round Up for Oct 20 – Oct 27
1 min read
Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between October 20 and October 27. As with previous round-ups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavior characteristics, indicators of compromise, and how our customers are automatically […]
Vulnerability Spotlight: Apache OpenOffice Vulnerabilities
1 min read
Today, Talos is releasing details of three new vulnerabilities discovered within Apache OpenOffice application. The first vulnerability, TALOS-2017-0295 within OpenOffice Writer, the second TALOS-2017-0300 in the Draw application, and the third TALOS-2017-0301 discovered in the Writer application. All three vulnerabilities allow arbitrary code execution to be performed. Read More >>