0-day

April 30, 2019

THREAT RESEARCH

Sodinokibi Ransomware Exploits WebLogic Server Vulnerability

1 min read

Attackers are actively exploiting a recently disclosed vulnerability in Oracle WebLogic to install a new variant of ransomware called "Sodinokibi," which attempts to encrypt user data and then deletes shadow copy backups to make data recovery more difficult.

October 2, 2018

THREAT RESEARCH

Vulnerability Spotlight: Adobe Acrobat Reader DC Collab reviewServer Remote Code Execution Vulnerability

1 min read

Discovered by Aleksandar Nikolic of Cisco Talos Overview Today, Talos is releasing details of a new vulnerability within Adobe Acrobat Reader DC. Adobe Acrobat Reader is the most popular and...

June 14, 2018

THREAT RESEARCH

Vulnerability Spotlight: TALOS-2018-0523-24 – Multiple Vulnerabilities in Pixars Renderman application

1 min read

Talos is disclosing two denial-of-ervice vulnerabilities in Pixar’s Renderman application. Renderman is a rendering application used in animation and film production. It is widely used for advanced rendering and shading...

June 13, 2018

THREAT RESEARCH

Vulnerability Spotlight: TALOS-2018-0545 – Microsoft wimgapi LoadIntegrityInfo Code Execution Vulnerability

1 min read

Talos is disclosing a remote code execution vulnerability in the Microsoft wimgapi library. The wimgapi DLL is used in the Microsoft Windows operating system to perform operations on Windows Imaging...

June 4, 2018

THREAT RESEARCH

Vulnerability Spotlight: TALOS-2018-0535 – Ocularis Recorder VMS_VA Denial of Service Vulnerability

1 min read

Talos is disclosing a denial-of-service vulnerability in the Ocularis Recorder. Ocularis is a video management software (VMS) platform used in a variety of settings, from convenience stores, to city-wide deployments....

April 12, 2018

THREAT RESEARCH

Vulnerability Spotlight: TALOS-2018-0529-531 – Multiple Vulnerabilities in NASA CFITSIO library

1 min read

Vulnerabilities discovered by Tyler Bohan from Talos Overview Talos is disclosing three remote code execution vulnerabilities in the NASA CFITSIO library. CFITSIO is a library of C and Fortran subroutines...

April 11, 2018

THREAT RESEARCH

Vulnerability Spotlight: Multiple Simple DirectMedia Layer Vulnerabilities

1 min read

Vulnerabilities identified in Simple DirectMedia Layer's SDL2_Image library could allow code execution. Simple DirectMedia Layer is a cross-platform development library designed to provide low level access to audio, keyboard, mouse, joystick, and graphics hardware via OpenGL and Direct3D.

April 11, 2018

THREAT RESEARCH

Vulnerability Spotlight: Multiple Computerinsel PhotoLine PSD Code Execution Vulnerabilities

1 min read

Cisco Talos discloses a vulnerability within the PSD-parsing functionality of Computerinsel Photoline, an image processing tool. PSD is a document format used by Adobe Photoshop and supported by many third-party applications.

October 31, 2017

THREAT RESEARCH

Vulnerability Spotlight: The Circle of a Bug’s Life

1 min read

Cisco Talos is disclosing several vulnerabilities identified in Circle with Disney. Circle with Disney is a network device designed to monitor the Internet use of children on a given network. Circle pairs wirelessly, with your home Wi-Fi and allows you to manage every device on the network, tablet, TV, or laptop. It can also pair […]