Today, we released the last Cisco IOS & IOS XE Software Security Advisory Bundled Publication of 2017. (As a reminder, Cisco discloses vulnerabilities in Cisco IOS and IOS XE Software on a predictable schedule—the fourth Wednesday of March and
I am pleased to announce that the OASIS CSAF Common Vulnerability Reporting Framework (CVRF) Version 1.2 committee specification is now available. As covered in our previous blog posts, the purpose of the OASIS Common Security Advisory Framework
This vulnerability was discovered by Cory Duplantis of Talos Update 9/20/2017: A patch is now available to fix this issue. Overview LibOFX is an open source implementation of OFX (Open Financial Exchange) an open format used by financial institutions
Technological progress is resulting in computing systems that are smaller, cheaper and consuming less power. These micro-computing systems are able to be integrated into everyday objects; when coupled with ubiquitous wireless connectivity these
Beginning last week, many organizations around the globe found themselves responding to infected computers in their environments that were hit with new malicious ransomware called “WannaCry.” Most other organizations reacted quickly to protect their
On Friday, April 14, the actor group identifying itself as the Shadow Brokers released new information containing exploits for vulnerabilities that affect various versions of Microsoft Windows as well as applications such as Lotus Domino.
Today, we released the first Cisco IOS & IOS XE Software Security Advisory Bundled Publication of 2017. (As a reminder, Cisco discloses vulnerabilities in Cisco IOS and IOS XE Software on a predictable schedule—the fourth Wednesday of March and
Vulnerabilities discovered by Talos Talos is releasing multiple vulnerabilities discovered in the Aerospike Database Server. These vulnerabilities range from Denial of Service to potential remote code execution. This software is used by various
The Cisco PSIRT openVuln API is a RESTful API that allows customers to obtain Cisco security vulnerability information in different machine-consumable formats. It supports industrywide security standards such as the Common Vulnerability Reporting
