1 min read

This post was authored by Martin Lee, Warren Mercer, Paul Rascagneres, and Craig Williams. Executive Summary A major ransomware attack has affected many organizations across across the world reportedly including Telefonica in Spain, the National Health Service in the UK, and FedEx in the US. The malware responsible for this attack is a ransomware variant known as […]

1 min read

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between May 05 and May 12. As with previous round-ups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavior characteristics, indicators of compromise, and how our customers are automatically […]

1 min read

This post was written by Nick Biasini, Edmund Brumaghin and Warren Mercer with contributions from Colin Grady Summary Talos is constantly monitoring the email threat landscape and tracking both new threats as well as changes to existing threats. We recently observed several large scale email campaigns that were attempting to distribute a new variant of […]

1 min read

Talos is disclosing the presence of a vulnerability in Hangul Word Processor. Published by Hancom inc. the Hangul Office Suite, of which Hangul Word Processor is part, is the leading word processing and office productivity suite in South Korea. This vulnerability allows attackers to craft a malicious document that when opened, allows the attacker to cause […]

1 min read

Today, Microsoft has release their monthly set of security updates designed to address vulnerabilities. This month’s release addresses 56 vulnerabilities with 15 of them rated critical and 41 rated important. Impacted products include .NET, DirectX, Edge, Internet Explorer, Office, Sharepoint, and Windows. In addition to the coverage Talos is providing for the normal monthly Microsoft […]

1 min read

Discovered by Aleksandar Nikolic of Cisco Talos Overview Talos is disclosing TALOS-2017-0293 / CVE 2017-2800, a code execution vulnerability in WolfSSL. WolfSSL is a lightweight SSL/TLS library targeted specifically for embedded and RTOS (Real-Time Operating System) environments, due largely to its small size and performance. WolfSSL is used in a wide range of products including […]

1 min read

These vulnerabilities were discovered by Marcin ‘Icewall’ Noga of Talos. Today, Talos is disclosing several vulnerabilities that have been identified in the AntennaHouse DMC library which is used in various products for web-based document searching and rendering. These vulnerabilities manifest as a failure to correctly parse Microsoft Office documents and could be exploited to achieve […]

1 min read

This post authored Sean Baird and Nick Biasini Attackers are always looking for creative ways to send large amount of spam to victims. A short-lived, but widespread Google Drive themed phishing campaign has affected a large number of users across a variety of verticals. This campaign would be bcc’d to a target while being sent […]

1 min read

Talos has discovered an unknown Remote Administration Tool that we believe has been in use for over 3 years. During this time it has managed to avoid scrutiny by the security community. The current version of the malware allows the operator to steal files, keystrokes, perform screenshots, and execute arbitrary code on the infected host. […]