April 30, 2019


Sodinokibi Ransomware Exploits WebLogic Server Vulnerability

Attackers are actively exploiting a recently disclosed vulnerability in Oracle WebLogic to install a new variant of ransomware called "Sodinokibi," which attempts to encrypt user data and then deletes shadow copy backups to make data recovery more difficult.

October 2, 2018


Vulnerability Spotlight: Adobe Acrobat Reader DC Collab reviewServer Remote Code Execution Vulnerability

Discovered by Aleksandar Nikolic of Cisco Talos Overview Today, Talos is releasing details of a new vulnerability within Adobe Acrobat Reader DC. Adobe Acrobat Reader is the most popular and...

June 14, 2018


Vulnerability Spotlight: TALOS-2018-0523-24 – Multiple Vulnerabilities in Pixars Renderman application

Talos is disclosing two denial-of-ervice vulnerabilities in Pixar’s Renderman application. Renderman is a rendering application used in animation and film production. It is widely used for advanced rendering and shading...

June 13, 2018


Vulnerability Spotlight: TALOS-2018-0545 – Microsoft wimgapi LoadIntegrityInfo Code Execution Vulnerability

Talos is disclosing a remote code execution vulnerability in the Microsoft wimgapi library. The wimgapi DLL is used in the Microsoft Windows operating system to perform operations on Windows Imaging...

June 4, 2018


Vulnerability Spotlight: TALOS-2018-0535 – Ocularis Recorder VMS_VA Denial of Service Vulnerability

Talos is disclosing a denial-of-service vulnerability in the Ocularis Recorder. Ocularis is a video management software (VMS) platform used in a variety of settings, from convenience stores, to city-wide deployments....

April 12, 2018


Vulnerability Spotlight: TALOS-2018-0529-531 – Multiple Vulnerabilities in NASA CFITSIO library

Vulnerabilities discovered by Tyler Bohan from Talos Overview Talos is disclosing three remote code execution vulnerabilities in the NASA CFITSIO library. CFITSIO is a library of C and Fortran subroutines...

April 11, 2018


Vulnerability Spotlight: Multiple Simple DirectMedia Layer Vulnerabilities

Vulnerabilities identified in Simple DirectMedia Layer's SDL2_Image library could allow code execution. Simple DirectMedia Layer is a cross-platform development library designed to provide low level access to audio, keyboard, mouse, joystick, and graphics hardware via OpenGL and Direct3D.

April 11, 2018


Vulnerability Spotlight: Multiple Computerinsel PhotoLine PSD Code Execution Vulnerabilities

Cisco Talos discloses a vulnerability within the PSD-parsing functionality of Computerinsel Photoline, an image processing tool. PSD is a document format used by Adobe Photoshop and supported by many third-party applications.

October 31, 2017


Vulnerability Spotlight: The Circle of a Bug’s Life

Cisco Talos is disclosing several vulnerabilities identified in Circle with Disney. Circle with Disney is a network device designed to monitor the Internet use of children on a given network. Circle pairs wirelessly, with your home Wi-Fi and allows you to manage every device on the network, tablet, TV, or laptop. It can also pair […]