Sodinokibi Ransomware Exploits WebLogic Server Vulnerability
Attackers are actively exploiting a recently disclosed vulnerability in Oracle WebLogic to install a new variant of ransomware called "Sodinokibi," which attempts to encrypt user data and then deletes shadow copy backups to make data recovery more difficult.
Vulnerability Spotlight: Adobe Acrobat Reader DC Collab reviewServer Remote Code Execution Vulnerability
Discovered by Aleksandar Nikolic of Cisco Talos Overview Today, Talos is releasing details of a new vulnerability within Adobe Acrobat Reader DC. Adobe Acrobat Reader is the most popular and...
Vulnerability Spotlight: TALOS-2018-0523-24 – Multiple Vulnerabilities in Pixars Renderman application
Talos is disclosing two denial-of-ervice vulnerabilities in Pixar’s Renderman application. Renderman is a rendering application used in animation and film production. It is widely used for advanced rendering and shading...
Vulnerability Spotlight: TALOS-2018-0545 – Microsoft wimgapi LoadIntegrityInfo Code Execution Vulnerability
Talos is disclosing a remote code execution vulnerability in the Microsoft wimgapi library. The wimgapi DLL is used in the Microsoft Windows operating system to perform operations on Windows Imaging...
Vulnerability Spotlight: TALOS-2018-0535 – Ocularis Recorder VMS_VA Denial of Service Vulnerability
Talos is disclosing a denial-of-service vulnerability in the Ocularis Recorder. Ocularis is a video management software (VMS) platform used in a variety of settings, from convenience stores, to city-wide deployments....
Vulnerability Spotlight: TALOS-2018-0529-531 – Multiple Vulnerabilities in NASA CFITSIO library
Vulnerabilities discovered by Tyler Bohan from Talos Overview Talos is disclosing three remote code execution vulnerabilities in the NASA CFITSIO library. CFITSIO is a library of C and Fortran subroutines...
Vulnerability Spotlight: Multiple Simple DirectMedia Layer Vulnerabilities
Vulnerabilities identified in Simple DirectMedia Layer's SDL2_Image library could allow code execution. Simple DirectMedia Layer is a cross-platform development library designed to provide low level access to audio, keyboard, mouse, joystick, and graphics hardware via OpenGL and Direct3D.
Vulnerability Spotlight: Multiple Computerinsel PhotoLine PSD Code Execution Vulnerabilities
Cisco Talos discloses a vulnerability within the PSD-parsing functionality of Computerinsel Photoline, an image processing tool. PSD is a document format used by Adobe Photoshop and supported by many third-party applications.
Vulnerability Spotlight: The Circle of a Bug’s Life
Cisco Talos is disclosing several vulnerabilities identified in Circle with Disney. Circle with Disney is a network device designed to monitor the Internet use of children on a given network. Circle pairs wirelessly, with your home Wi-Fi and allows you to manage every device on the network, tablet, TV, or laptop. It can also pair […]