Microsoft’s Patch Tuesday for February 2015 has arrived. This month’s round of security updates is large with Microsoft releasing 9 bulletins addressing 56 CVEs. 3 of the bulletins are rated critical and address vulnerabilities within Internet
This post was authored by Andrea Allievi & Earl Carter Ransomware continues to impact a large number of organizations and the malware continues to evolve. In January, we examined Cryptowall 2.0 and highlighted new features incorporated into the
Adversaries are committed to continually refining or developing new techniques to conceal malicious activity, decrease their reliance on other techniques that may be more detectable, and become increasingly more efficient and effective in their
This post was authored by Nick Biasini On January 27th, Talos researchers began observing a new Angler Exploit Kit (EK) campaign using new variants associated with (CVE-2015-0311). Based on our telemetry data the campaign lasted from January 26th
This post was authored by Nick Biasini, Earl Carter, Alex Chiu and Jaeson Schultz On Tuesday January 27, 2015, security researchers from Qualys published information concerning a 0-day vulnerability in the GNU C library. The vulnerability, known as
This post was authored by Nick Biasini, Earl Carter and Jaeson Schultz Flash has long been a favorite target among Exploit Kits (EK). In October 2014 the Angler EK was believed to be targeting a new Flash vulnerability. The bug that the Angler exploit
This post was written by Yves Younan. Microsoft’s first Update Tuesday of 2015 is pretty light, there’s a total of eight bulletins, all covering a single vulnerability. Seven of these bulletins are rated as important and just one is rated critical. No
This post was authored by Andrea Allievi and Earl Carter. Ransomware holds a user’s data hostage. The latest ransomware variants encrypt the user’s data, thus making it unusable until a ransom is paid to retrieve the decryption key. The latest
This post was authored by Christopher Marczewski with contributions from Craig WIlliams *This blog post has been updated to include Command and Control IP addresses used by the malware. A new piece of wiper malware has received quite a bit of media
