Security

1 min read

When Talos decided to make a threat intelligence podcast, we wanted to make it different than your typical buttoned down, subdued security podcast.

1 min read

Talos is disclosing the presence of two vulnerabilities in the Artifex MuPDF renderer. MuPDF is a lightweight PDF parsing and rendering library featuring high fidelity graphics, high speed, and compact code size which makes it a fairly popular PDF library for embedding in different projects, especially mobile and web applications. Both of these vulnerabilities, if […]

1 min read

Cisco AMP for Endpoints was recently the subject of a thorough technical review and test to validate that the solution satisfies requirements in accordance with the Payment Card Industry Data Security Standard (PCI DSS) version 3.2 and the Health Insurance Portability and Accountability Act (HIPAA) Security Rule. The Cisco Security Team is pleased to report […]

1 min read

This post was authored by Martin Lee, Warren Mercer, Paul Rascagneres, and Craig Williams. Executive Summary A major ransomware attack has affected many organizations across across the world reportedly including Telefonica in Spain, the National Health Service in the UK, and FedEx in the US. The malware responsible for this attack is a ransomware variant known as […]

1 min read

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between May 05 and May 12. As with previous round-ups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavior characteristics, indicators of compromise, and how our customers are automatically […]

1 min read

This post was written by Nick Biasini, Edmund Brumaghin and Warren Mercer with contributions from Colin Grady Summary Talos is constantly monitoring the email threat landscape and tracking both new threats as well as changes to existing threats. We recently observed several large scale email campaigns that were attempting to distribute a new variant of […]

1 min read

Talos is disclosing the presence of a vulnerability in Hangul Word Processor. Published by Hancom inc. the Hangul Office Suite, of which Hangul Word Processor is part, is the leading word processing and office productivity suite in South Korea. This vulnerability allows attackers to craft a malicious document that when opened, allows the attacker to cause […]

4 min read

You have just been notified by a “TLA” (Three Letter Agency), a law enforcement agency, that your organization has suffered a data breach. Depending on your Threat Management Maturity level, you will either approach this methodically or ad-hoc. A TLA notification will generally involve leveraging the expertise of an Incident Response team, either your internal […]

1 min read

Today, Microsoft has release their monthly set of security updates designed to address vulnerabilities. This month’s release addresses 56 vulnerabilities with 15 of them rated critical and 41 rated important. Impacted products include .NET, DirectX, Edge, Internet Explorer, Office, Sharepoint, and Windows. In addition to the coverage Talos is providing for the normal monthly Microsoft […]