Articles
Threat Round-up for June 2 – June 9
1 min read
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between June 02 and June 09. As with previous round-ups, this post isn't meant to be an...
The Internet of Vulnerable Things
1 min read
Technological progress is resulting in computing systems that are smaller, cheaper and consuming less power. These micro-computing systems are able to be integrated into everyday objects; when coupled with ubiquitous wireless connectivity these devices form the “Internet of Things”. The IoT has the potential to improve our lives, but only if we correctly manage the […]
Threat Round-up for May 19 – May 26
1 min read
Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between May 19 and May 26. As with previous round-ups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavior characteristics, indicators of compromise, and how our customers are automatically […]
Samba Vulnerability: Dancing Its Way to a Network Near You
1 min read
Overview: Today, a new vulnerability affecting the widely used Samba software was released. Samba is the SMB/CIFS protocol commonly used in *NIX operating systems. CVE-2017-7494 has the potential to impact many systems around the world. This vulnerability could allow a user to upload a shared library to a writeable share on a vulnerable Samba server […]
File2pcap – The Talos Swiss Army Knife of Snort Rule Creation
1 min read
This post was authored by Martin Zeiser with contributions by Joel Esler. At Talos we are constantly on the lookout for threats to our customers' networks, and part of the protection process is creating Snort rules for the latest vulnerabilities in order to detect any attacks. To improve your understanding of the rule development process, consider […]
Cisco Coverage for Adylkuzz, Uiwix, and EternalRocks
1 min read
When the WannaCry attack was launched a little over a week ago, it was one of the first large scale attacks leveraging the data that was leaked by the Shadow Brokers. At the time the real concern was how quickly we would begin to see other threats leverage the same vulnerabilities. Over the past couple […]
Modified Zyklon and plugins from India
1 min read
Streams of malicious emails Talos inspects every day usually consist of active spamming campaigns for various ransomware families, phishing campaigns and the common malware family suspects such as banking Trojans and bots. It is, however, often more interesting to analyze campaigns smaller in volume as they might contain more interesting malware. A few weeks ago […]
Terror Evolved: Exploit Kit Matures
1 min read
Talos is monitoring the major Exploit Kits (EK) on an ongoing basis. While investigating the changes we recently observed in the RIG EK campaigns, we identified another well-known candidate: Terror Exploit Kit. Terror EK is one of the new players who showed up after the big Exploit Kit market consolidation last year. When Angler and […]
Arbitrary Code Execution Vulnerabilities in MuPDF Identified and Patched
1 min read
Talos is disclosing the presence of two vulnerabilities in the Artifex MuPDF renderer. MuPDF is a lightweight PDF parsing and rendering library featuring high fidelity graphics, high speed, and compact code size which makes it a fairly popular PDF library for embedding in different projects, especially mobile and web applications. Both of these vulnerabilities, if […]