Exploitable or Not Exploitable? Using REVEN to Examine a NULL Pointer Dereference.
It can be very time-consuming to determine if a bug is exploitable or not. In this post, we’ll show how to decide if a vulnerability is exploitable by tracing back...
Talos
TalosIntelligence.com is rolling out a new dispute system
At Cisco Talos, we need customers to be able to provide feedback at all times, whether it be about false positives, false negatives, or missed categories. Because we deal with...
Security: Is it Mission Impossible?
Vigilance is key. You can purchase all the tools in the world, but when a breach hits, you need to be prepared--an expert team backed by the latest threat research by your side.
Vulnerability Spotlight: Multiple Vulnerabilities in Sony IPELA E Series Camera
Today, Cisco Talos is disclosing several vulnerabilities discovered with the Sony IPELA E Series Network Camera. Sony IPELA Cameras are network-facing cameras used for monitoring and surveillance.
My Little FormBook
Cisco Talos has been tracking a new campaign involving the FormBook malware since May 2018 that utilizes four different malicious documents in a single phishing email. FormBook is an inexpensive...
Vulnerability Spotlight: Multiple Remote Vulnerabilities In Insteon Hub PubNub
Cisco Talos is disclosing twelve new vulnerabilities in Insteon Hub, ranging from remote code execution, to denial of service. The majority of the vulnerabilities have their root cause in the...
VPNFilter Update – VPNFilter exploits endpoints, targets new devices
Cisco Talos has discovered additional details regarding "VPNFilter," which is targeting more makes/models of devices than initially thought, and has additional capabilities to deliver exploits to endpoints.
New VPNFilter malware targets at least 500K networking devices worldwide
For several months, Talos has been working with public- and private-sector threat intelligence partners and law enforcement in researching an advanced, likely state-sponsored or state-affiliated actor's widespread use.
The 3 Ps of Comprehensive Cybersecurity
The threat of cybersecurity breaches is business impacting in our ever-increasing connected world. But technology alone is no panacea to the increasing scale and complexity of cybersecurity threats.