1 min read

This post was authored by William Largent Today, Microsoft has released their monthly set of security bulletins designed to address security vulnerabilities within their products. This month’s release is has 11 bulletins addressing 49 vulnerabilities. 6 of these bulletins are rated critical and address vulnerabilities in Edge, Internet Explorer, JScript/VBScript, Print Spooler, Office and Adobe […]

1 min read

This vulnerability was discovered by Piotr Bania. Talos, in coordination with Intel, is disclosing the discovery of TALOS-2016-0087, a local arbitrary code execution vulnerability within the Intel HD Graphics Windows Kernel Driver. This vulnerability exists in the communication functionality of the driver and can be exploited if a specially crafted message is sent to the […]

1 min read

This blog post was authored by Edmund Brumaghin and Warren Mercer Summary Talos recently observed a new ransomware variant targeting users. This ransomware shows that new threat actors are continuing to enter the ransomware market at a rapid pace due to the lucrative nature of this business model. As a result, greater numbers of unique […]

1 min read

This Post Authored by Nick Biasini For a couple of weeks in June the threat landscape was changed. Several high profile threats fell off the landscape, causing a shake-up that hadn’t been seen before.  For a period of three weeks the internet was safer, if only for a short time. Still to date the Angler […]

1 min read

Talos have observed a large uptick in the Zepto ransomware and have identified a method of distribution for the Zepto ransomware, Spam Email. Locky/Zepto continue to be well known ransomware variants and as such we will focus on the spam email campaign. We found 137,731 emails in the last 4 days using a new attachment […]

1 min read

The recent discovery of Wekby and Point of Sale malware using DNS requests as a command and control channel highlights the need to consider DNS as a potentially malicious channel. Although a skilled analyst may be able to quickly spot unusual activity because they are familiar with their organisation’s normal DNS activity, manually reviewing DNS […]

1 min read

Vulnerability discovered by Aleksandar Nikolic of Cisco Talos. Talos is disclosing the presence of CVE-2016-4324 / TALOS-CAN-0126, a Use After Free vulnerability within the RTF parser of LibreOffice. The vulnerability lies in the parsing of documents containing both stylesheet and superscript tokens. A specially crafted RTF document containing both a stylesheet and superscript element causes […]

1 min read

These vulnerabilities were discovered by Yves Younan. Pidgin is a universal chat client that is used on millions of systems worldwide. The Pidgin chat client enables you to communicate on multiple chat networks simultaneously. Talos has identified multiple vulnerabilities in the way Pidgin handles the MXit protocol. These vulnerabilities fall into the following four categories. […]

1 min read

libarchive is an open-source library that provides access to a variety of different file archive formats, and it’s used just about everywhere. Cisco Talos has recently worked with the maintainers of libarchive to patch three rather severe bugs in the library. Because of the number of products that include libarchive in their handling of compressed […]