Security

April 28, 2017

THREAT RESEARCH

Vulnerability Spotlight: Randombit Botan Library X509 Certificate Validation Bypass Vulnerability

This vulnerability was discovered by Aleksandar Nikolic of Cisco Talos. Overview: Talos has discovered a vulnerability in the Randombit Botan library. A programming error exists in the way the Botan library implements x500 string comparisons, which could lead to certificate verification issues and abuse. A specially crafted X509 certificate would need to be delivered to the […]

April 27, 2017

THREAT RESEARCH

Vulnerability Spotlight: Multiple Vulnerabilities in Zabbix

These vulnerabilities were discovered by Lilith Wyatt of Cisco ASIG. Summary: Zabbix is an enterprise monitoring solution that is designed to give organizations the ability to monitor the health and status of various systems within their networks, including network services, servers, and networking equipment. Cisco recently discovered multiple vulnerabilities in the Zabbix Server software component […]

April 26, 2017

THREAT RESEARCH

Vulnerability Spotlight: IrfanView Jpeg2000 Reference Tile width Arbitrary Code Execution Vulnerability

Discovered by Aleksandar Nikolic of Cisco Talos. Overview: Talos is disclosing TALOS-2017-0310 / CVE-2017-2813, an arbitrary code execution vulnerability in the JP2 plugin for the IrfanView image viewer. IrfanView is a widely used, Windows-based image viewing and editing application. This particular vulnerability is in the jpeg2000 plugin (JP2) for IrfanView resulting in an integer overflow […]

April 21, 2017

THREAT RESEARCH

Vulnerability Spotlight: Hard-coded Credential Flaw in Moxa ICS Wireless Access Points Identified and Fixed

Earlier this month, Talos responsibly disclosed a set of vulnerabilities in Moxa ICS wireless access points. While most of the vulnerabilities were addressed in the previous set of advisories, Talos has continued to work with Moxa to ensure all remaining vulnerabilities that Talos identified are patched. Today in coordination with Moxa, Talos is disclosing the […]

April 21, 2017

THREAT RESEARCH

Threat Spotlight: Mighty Morphin Malware Purveyors: Locky Returns Via Necurs

This post was authored by Nick Biasini. Throughout the majority of 2016, Locky was the dominant ransomware in the threat landscape. It was an early pioneer when it came to using scripting formats Windows hosts would natively handle, like .js, .wsf, and .hta. These scripting formats acted as a vehicle to deliver the payload via […]

April 21, 2017

THREAT RESEARCH

Threat Round-up for Apr 14 – Apr 21

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between April 14 and April 21. As with previous round-ups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavior characteristics, indicators of compromise, and how our customers are automatically […]

April 21, 2017

SECURITY

Secure Access Done Right: Cisco ISE Wins the SC Magazine 2017 Award for Best NAC Solution

At the most recent RSA Conference, SC Magazine awarded Cisco Identity Services Engine (ISE) the top spot for Best NAC Solution. In the words of the award panel, “this honor goes to vendors and practitioners who make a difference… and detect, respond and recover from cyber attacks.”[1] Network Access Control (NAC) solutions have been around […]

April 19, 2017

THREAT RESEARCH

Vulnerability Spotlight: ARM Mbedtls x509 ECDSA invalid public key Code Execution Vulnerability

Vulnerability discovered by Aleksandar Nikolic. Overview: Talos is disclosing TALOS-2017-0274/CVE-2017-2784, a code execution vulnerability in ARM MbedTLS. This vulnerability is specifically related to how MbedTLS handles x509 certificates. MbedTLS is an SSL/TLS implementation aimed specifically at embedded devices that was previously known as PolarSSL. The vulnerability exists in the part of the code responsible […]

April 19, 2017

SECURITY

How to Choose a Next-Generation Endpoint Security Solution

When organizations begin their search for an advanced, next-generation endpoint security solution to protect PCs, Macs, servers, and mobile devices, they have a lot of different vendors to choose from and a lot of questions. Can it prevent attacks? What kind of malware can it protect against? What if malware gets in, can it still […]
