Articles
SYNful Knock Scanner
3 min read
This post was authored by William McVey. Update 9/23: We updated the tool to version 1.0.1 Talos is constantly researching the ways in which threat actors are evolving to exploit systems. Recently, a piece of persistent malware coined as “SYNful Knock” was discovered on Cisco routers. While this malware attack is not a vulnerability, as […]
When Does Software Start Becoming Malware?
6 min read
This post was authored by Earl Carter, Alex Chiu, Joel Esler, Geoff Serrao, and Brandon Stultz. Defining what is malware relies on determining when undesirable behavior crosses the line from benign to clearly unwanted. The lack of a single standard regarding what is and what is not acceptable behavior has established a murky gray area […]
Vulnerability Spotlight: Microsoft Windows CDD Font Parsing Kernel Memory Corruption
1 min read
Discovered by Andrea Allievi and Piotr Bania of Cisco Talos. Talos, in conjunction with Microsoft’s security advisory issued on September 8th, is disclosing the discovery of a memory corruption vulnerability within the Microsoft Windows CDD Font Parsing Kernel Driver. This vulnerability was initially discovered by the Talos and reported in accordance with responsible disclosure policies to Microsoft. Please […]
Microsoft Patch Tuesday – September 2015
5 min read
Today, Microsoft has released their monthly set of security bulletins designed to address security vulnerabilities within their products. This month’s release sees a total of 12 bulletins released which address 55 CVEs. Five bulletins are rated “Critical” this month and address vulnerabilities in Edge, Graphics Component, Internet Explorer, Journal, and Office. The other seven bulletins […]
Cognitive Research: Learning Detectors of Malicious Network Traffic
9 min read
This post was authored by Karel Bartos, Vojtech Franc, & Michal Sofka. Malware is constantly evolving and changing. One way to identify malware is by analyzing the...
Malware Meets SysAdmin – Automation Tools Gone Bad
10 min read
This post was authored by Alex Chiu and Xabier Ugarte Pedrero. Talos recently spotted a targeted phishing attack with several unique characteristics that are not normally seen. While we monitor phishing campaigns used to distribute threats such as Dridex, Upatre, and Cryptowall, targeted phishing attacks are more convincing because the format of the message is personalized […]
Microsoft Internet Explorer Out of Band Advisory
1 min read
Today an out of band advisory was released by Microsoft to address CVE-2015-2502. This vulnerability is addressed by MS15-093. MS15-093 address a memory corruption vulnerability in Internet Explorer versions 7, 8, 9, 10, and 11. This affects all currently supported versions of Windows, including Windows 10. This advisory is rated critical. An attacker can craft […]
Talos Identifies Multiple Memory Corruption Issues in Quicktime
2 min read
Update 2015-08-21: This post has been updated to reflect an additional advisory released on August 20. Talos, in conjunction with Apple’s security advisories issued on August 13 and August 20, has released six advisories for vulnerabilities that Talos found in Apple Quicktime. In accordance with our Vendor Vulnerability Reporting and Disclosure policy, these vulnerabilities have been […]
Microsoft Patch Tuesday – August 2015
5 min read
Microsoft has released their monthly set of security bulletins designed to address security vulnerabilities within their products. This month’s release sees a total of 14 bulletins released which address 58 CVEs. Four bulletins are rated “Critical” this month and address vulnerabilities in Internet Explorer, Graphics Component, Office, and Edge. The other ten bulletins are rated “Important” […]
4