- Our Favorite Topics:
Secure the Branch by Securing the Business
3 min read
The SAFE model provides a customizable reference architecture to meet your company’s specific business needs, with several viewpoints to provide the right level of clarity for all audiences.
Vulnerability Spotlight: WolfSSL library X509 Certificate Text Parsing Code Execution Vulnerability
1 min read
Discovered by Aleksandar Nikolic of Cisco Talos Overview Talos is disclosing TALOS-2017-0293 / CVE 2017-2800, a code execution vulnerability in WolfSSL. WolfSSL is a lightweight SSL/TLS library targeted specifically for embedded and RTOS (Real-Time Operating System) environments, due largely to its small size and performance. WolfSSL is used in a wide range of products including […]
Vulnerability Spotlight: Power Software PowerISO ISO Code Execution Vulnerabilities
1 min read
These vulnerabilities were discovered by Piotr Bania of Cisco Talos. Today, Talos is releasing details of a new vulnerability discovered within the Power Software PowerISO disk imaging software. TALOS-2017-0318 and TALOS-2017-0324 may allow an attacker to execute arbitrary code remotely on the vulnerable system when a specially crafted ISO image is opened and parsed by […]
Vulnerability Spotlight: AntennaHouse DMC Library Arbitrary Code Execution Flaws
1 min read
These vulnerabilities were discovered by Marcin ‘Icewall’ Noga of Talos. Today, Talos is disclosing several vulnerabilities that have been identified in the AntennaHouse DMC library which is used in various products for web-based document searching and rendering. These vulnerabilities manifest as a failure to correctly parse Microsoft Office documents and could be exploited to achieve […]
Gmail Worm Requiring You To Give It A Push And Apparently You All Are Really Helpful
1 min read
This post authored Sean Baird and Nick Biasini Attackers are always looking for creative ways to send large amount of spam to victims. A short-lived, but widespread Google Drive themed phishing campaign has affected a large number of users across a variety of verticals. This campaign would be bcc’d to a target while being sent […]
KONNI: A Malware Under The Radar For Years
1 min read
Talos has discovered an unknown Remote Administration Tool that we believe has been in use for over 3 years. During this time it has managed to avoid scrutiny by the security community. The current version of the malware allows the operator to steal files, keystrokes, perform screenshots, and execute arbitrary code on the infected host. […]
Threat Round-up for Apr 21 – Apr 28
1 min read
Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between April 21 and April 28. As with previous round-ups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavior characteristics, indicators of compromise, and how our customers are automatically […]
Respecting Customer Privacy is Not an Option
2 min read
How to demonstrate products and services using data that is close to production, while protecting your customer’s data and complying with legal and regulatory obligations.
Vulnerability Spotlight: Randombit Botan Library X509 Certificate Validation Bypass Vulnerability
1 min read
This vulnerability was discovered by Aleksandar Nikolic of Cisco Talos. Overview Talos has discovered a vulnerability in the Randombit Botan library. A programming error exists in a way Botan library implements x500 string comparisons which could lead to certificate verification issues and abuse. A specially crafted X509 certificate would need to be delivered to the […]
Cisco Cybersecurity Viewpoints
Where security insights and innovation meet. Read the e-book, see the video, dive into the infographic and more...
Why Cisco Security?
Explore our Products & Services
4