Vulnerability Spotlight: FreeImage Library XMP Image Handling Code Execution Vulnerability
Exploit uses a maliciously crafted image file as an email attachment or via an instant message.
Threat Research
Vulnerability Spotlight: OpenJPEG JPEG2000 mcc record Code Execution Vulnerability
Vulnerability discovered by Aleksandar Nikolic of Cisco Talos Overview Talos has identified an exploitable out-of-bounds vulnerability in the JPEG 2000 image file format parser implemented in OpenJPEG library (TALOS-2016-0193/CVE-2016-8332). The JPEG
Want Tofsee My Pictures? A Botnet Gets Aggressive
This post was authored by Edmund Brumaghin Summary Tofsee is multi-purpose malware that has been in existence for several years, operating since at least 2013. It features a number of modules that are used to carry out various activities such as
Threat Spotlight: GozNym
This blog was authored by Ben Baker, Edmund Brumaghin, and Jonah Samost. Executive Summary GozNym is the combination of features from two previously identified families of malware, Gozi and Nymaim. Gozi was a widely distributed banking trojan with a
The Rising Tides of Spam
This blog post was authored by Jaeson Schultz. For the past five years we have enjoyed a relatively calm period with respect to spam volumes. Back at the turn of the decade the world was experiencing record-high volumes of spam. However, with the
Microsoft Patch Tuesday – September 2016
This post was authored by Jaeson Schultz. Well it’s Microsoft Patch Tuesday, again, and that must mean we are girding our systems against another round of security vulnerabilities. This month Microsoft has released fourteen (14) bulletins
Talos ShadowGate Take Down: Global Malvertising Campaign Thwarted
Yet another example of how organizations work together to stop threats affecting users around the globe.
Vulnerability Spotlight: Multiple DOS Vulnerabilities Within Kaspersky Internet Security Suite
Talos has discovered multiple vulnerabilities in Kaspersky’s Internet Security product which can be used by an attacker to cause a local denial of service attack or to leak memory from any machine running Kaspersky Internet Security software. The
Vulnerability Spotlight: Multiple Remote Code Execution Vulnerabilities Within Lexmark Perceptive Document Filters.
Vulnerabilities discovered by Tyler Bohan & Marcin Noga of Cisco Talos. Talos are today releasing three new vulnerabilities discovered within the Lexmark Perceptive Document Filters library. TALOS-2016-0172, TALOS-2016-0173 and TALOS-2016-0183