Talos Group's Articles
-
Threat Research2017 in Snort Signatures.
2017 was an eventful year for cyber security with high profile vulnerabilities that allowed self-replicating worm attacks such as WannaCry and BadRabbit to impact…
Read More -
Threat ResearchVulnerability Spotlight: Walt Disney Per-Face Texture Mapping faceInfoSize Code Execution Vulnerability
This vulnerability was discovered by Tyler Bohan of Cisco Talos. Executive Summary Walt Disney PTEX is an open source software application maintained by Walt Disney Animation Studios. It is…
Read More -
Threat ResearchSamSam – The Evolution Continues Netting Over $325,000 in 4 Weeks
Talos have been working in conjunction with Cisco IR Services on what we believe to be a new variant of the SamSam ransomware. This ransomware has been observed across multiple industries including
Read More -
Threat Research
The Many Tentacles of the Necurs Botnet
This post was written by Jaeson Schultz. Introduction Over the past five years the Necurs botnet has established itself as the largest purveyor of spam worldwide. Necurs is responsible for emailing
Read More -
Threat Research
Vulnerability Spotlight: Tinysvcmdns Multi-label DNS DoS Vulnerabilility
Overview Talos is disclosing a single NULL pointer dereference vulnerability in the tinysvcmdns library. Tinysvcmdns is a tiny MDNS responder implementation for publishing services. This is essentially a mini and
Read More -
Threat Research
Korea In The Crosshairs
This article exposes the malicious activities of Group 123 during 2017. We assess with high confidence that Group 123 was responsible for six campaigns targeting both Korean and Non-Korean institutions.
Read More -
Threat Research
Vulnerability Spotlight: Multiple Unpatched Vulnerabilities in Blender Identified
Talos discloses multiple vulnerabilities identified in Blender that could allow an attacker to execute arbitrary code. Blender. Users opening a crafted file could trigger a vulnerability and be exploited or
Read More -
Threat Research
Vulnerability Spotlight: Ruby Rails Gem XSS Vulnerabilities
Talos has discovered two XSS vulnerabilities in Ruby Rails Gems. Rails is a Ruby framework designed to create web services or web pages. Ruby Gems is a package manager for
Read More -
Threat Research
Vulnerability Spotlight: Multiple Vulnerabilities in the CPP and Parity Ethereum Client
Talos discloses vulnerabilities in CPP and Parity Ethereum clients: a denial of service vulnerability in libevm, plus a permissive cross-domain (CORS) whitelist policy vulnerability in the Ethereum Parity client.
Read More -
Threat Research
Meltdown and Spectre
Cisco Talos is aware of three new vulnerabilities impacting Intel, AMD, Qualcomm and ARM processors used by almost all computers.
Read More
