2017 in Snort Signatures.
2017 was an eventful year for cyber security with high profile vulnerabilities that allowed self-replicating worm attacks such as
Cisco Talos
Vulnerability Spotlight: Tinysvcmdns Multi-label DNS DoS Vulnerabilility
Overview Talos is disclosing a single NULL pointer dereference vulnerability in the tinysvcmdns library. Tinysvcmdns is a tiny MDNS responder implementation for publishing services. This is essentially a mini and embedded version of Avahi or Bonjour.
Sun, Sand and Industrial Security
Across the United States, people are defrosting and starting to shovel their way out of January’s Polar Vortex “bomb cyclone.” Even the state of Florida saw some chillier than usual temperatures. Florida has de-thawed now and next week security
Threat Round Up for December 29 – January 5
Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between December 29 and January 05. As with previous round-ups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the
Vulnerability Spotlight: VMWare VNC Vulnerabilities
Today, Talos is disclosing a pair of vulnerabilities in the VNC implementation used in VMWare’s products that could result in code execution. VMWare implements VNC for its remote management, remote access, and automation purposes in VMWare
Threat Round Up for Dec 01 – Dec 08
Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between December 01 and December 08. As with previous round-ups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the
The Mutiny Fuzzing Framework and Decept Proxy
This blog post is authored by James Spadaro of Cisco ASIG and Lilith Wyatt of Cisco Talos. Imagine a scenario where you, as a vulnerability researcher, are tasked with auditing a network application to identify vulnerabilities. By itself, the task may
ROKRAT Reloaded
This post was authored by Warren Mercer, Paul Rascagneres and with contributions from Jungsoo An. Earlier this year, Talos published 2 articles concerning South Korean threats. The first one was about the use of a malicious HWP document which dropped
Talos Wins The 5th Volatility Plugin Contest With Pyrebox
Talos has won this year’s 5th Volatility plugin contest with Pyrebox. Volatility is a well-known open-source framework designed to analyse operating system memory. The framework exists since 2007, for the previous 5 years they have run a plugin