Vulnerability Details A vulnerability (CVE-2016-9244) was recently disclosed affecting various F5 products due to the way in which the products handle Session IDs when the non-default Session Tickets option is enabled. By manipulating the Session IDs
This post was authored by Edmund Brumaghin with contributions from Angel Villegas Summary Talos is constantly monitoring the threat landscape in an effort to identify changes in the way attackers are attempting to target organizations around the
This blog was authored by Warren Mercer and Paul Rascagneres. Talos has observed a small email campaign leveraging the use of Microsoft Publisher files. These .pub files are normally used for the publishing of documents such as newsletters, allowing
Shamoon is a type of destructive malware that has been previously associated with attacks against the Saudi Arabian energy sector we’ve been tracking since 2012. We’ve observed that a variant of Shamoon, identified as Shamoon 2, has
The few last days, a malware sample named EyePyramid has received considerable attention, especially in Italy. The Italian police have arrested two suspects and also published a preliminary report of the investigation. This malware is notable due to
This post authored by David Maynor & Paul Rascagneres with the contribution of Alex McDonnell and Matthew Molyett Overview Talos has identified a malicious Microsoft Word document with several unusual features and an advanced workflow, performing
Overview Talos is disclosing TALOS-2016-0259 / CVE-2016-8710. An exploitable heap write out of bounds vulnerability exists in the decoding of BPG images in libbpg library. A crafted BPG image decoded by libbpg can cause an integer underflow
Discovered by Aleksandar Nikolic of Cisco Talos Overview Talos is disclosing TALOS-2016-0259 / CVE-2017-2791 an uninitialized memory vulnerability in Adobe Acrobat Reader DC. Adobe Acrobat Reader is one of the largest and well known PDF readers
This post authored by Nick Biasini with contributions from Jaeson Schultz Locky has been a devastating force for the last year in the spam and ransomware landscape. The Locky variant of ransomware has been responsible for huge amounts of spam messages
