Security @ Cisco Blogs

Security

Threat Round Up for Sept 8 – Sept 15

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between September 08 and September 15. As with previous round-ups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the

September 15, 2017 • 1 min read

Talos Group

Deep Dive in MarkLogic Exploitation Process via Argus PDF Converter

This post authored by Marcin Noga with contributions from William Largent Introduction Talos discovers and responsibly discloses software vulnerabilities on a regular basis. Occasionally we publish a deep technical analysis of how the vulnerability

September 14, 2017 • 1 min read

Michelle Dennedy

Get Ready, Get Certified: Early Adoption of CBPR Makes Doing Business with Asia Easier

While the EU General Data Protection Regulation (GDPR) enforcement deadline is less than a year away and it’s “all systems go” to get ready, privacy – like all other fundamental human rights – is not just a European issue. The specific rules and

September 14, 2017 • 2 min read

Talos Group

Vulnerability Spotlight: YAML Parsing Remote Code Execution Vulnerabilities in Ansible Vault and Tablib.

Talos is disclosing the presences of remote code execution vulnerabilities in the processing of Yet Another Markup Language (YAML) content in Ansible Vault and Tablib. Attackers can exploit these vulnerabilities through supplying malicious YAML

September 14, 2017 • 1 min read

Jason Lamar

When Walls Come Down: Working Together to Protect IoT Devices

When you begin remodeling an older home you realize that some walls are there for good reasons. Others block our modern, open-floor-plan lifestyles and can come down. Years ago, factories and utilities separated their Information Technology (IT) and

September 13, 2017 • 3 min read

Talos Group

Vulnerability Spotlight: LibOFX Tag Parsing Code Execution Vulnerability

This vulnerability was discovered by Cory Duplantis of Talos Update 9/20/2017: A patch is now available to fix this issue. Overview LibOFX is an open source implementation of OFX (Open Financial Exchange) an open format used by financial institutions

September 13, 2017 • 1 min read

Talos Group

Microsoft Patch Tuesday – September 2017

Microsoft has released its monthly set of security advisories for vulnerabilities that have been identified and addressed in various products. This month’s advisory release addresses 81 new vulnerabilities with 27 of them rated critical, 52

September 12, 2017 • 1 min read

Talos Group

Vulnerability Spotlight: TALOS-2017-0430/0431: Multiple Vulnerabilities in FreeXL Library

Talos has discovered two remote code execution vulnerabilities in the the FreeXL library. FreeXL is an open source C library to extract valid data from within an Excel (.xls) spreadsheet. Exploiting these vulnerabilities can potentially allow an

September 11, 2017 • 1 min read

Talos Group

Another Apache Struts Vulnerability Under Active Exploitation

This post authored by Nick Biasini with contributions from Alex Chiu. Earlier this week, a critical vulnerability in Apache Struts was publically disclosed in a security advisory. This new vulnerability, identified as CVE-2017-9805, manifests due to

September 7, 2017 • 1 min read

Cisco Blogs

Security

Our Favorite Topics:

Security

Threat Round Up for Sept 8 – Sept 15

Deep Dive in MarkLogic Exploitation Process via Argus PDF Converter

Get Ready, Get Certified: Early Adoption of CBPR Makes Doing Business with Asia Easier

Vulnerability Spotlight: YAML Parsing Remote Code Execution Vulnerabilities in Ansible Vault and Tablib.

When Walls Come Down: Working Together to Protect IoT Devices

Vulnerability Spotlight: LibOFX Tag Parsing Code Execution Vulnerability

Microsoft Patch Tuesday – September 2017

Vulnerability Spotlight: TALOS-2017-0430/0431: Multiple Vulnerabilities in FreeXL Library

Another Apache Struts Vulnerability Under Active Exploitation

Cisco Cybersecurity Viewpoints

Why Cisco Security?