Microsoft Patch Tuesday – April 2017
Today we bring you April’s Microsoft Patch Tuesday information for vulnerabilities in Outlook, Edge, Internet Explorer, Hyper-V, .NET, and Scripting Engine.
Talos
From Box to Backdoor: Discovering Just How Insecure an ICS Device is in Only 2 Weeks
Inspired by "From LOW to PWNED," we decided to take a look at one Industrial Control System (ICS) wireless access point and see just how many vulnerabilities we could find in two weeks.
Threat Round-up for Mar 31 – Apr 7
Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between March 31 and April 7. As with previous round-ups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats
Hacking the Belkin E Series OmniView 2-Port KVM Switch
Author: Ian Payton, Security Advisory EMEAR Introduction Too frequently security professionals only consider software vulnerabilities when considering the risks of connecting devices to their networks and systems. When it comes to considering
Introducing ROKRAT
This blog was authored by Warren Mercer and Paul Rascagneres with contributions from Matthew Molyett. Executive Summary A few weeks ago, Talos published research on a Korean MalDoc. As we previously discussed this actor is quick to cover their tracks
Threat Round-up for Mar 24 – Mar 31
Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between March 24 and March 31. As with previous round-ups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats
Vulnerability Spotlight: Certificate Validation Flaw in Apple macOS and iOS Identified and Patched
Most people don’t give much thought to what happens when you connect to your bank’s website or log in to your email account. For most people, securely connecting to a website seems as simple as checking to make sure the little padlock in
Threat Round-up for the Week of Mar 20 – Mar 24
Talos is publishing a summary glimpse into the most prevalent threats observed over the past week.
How Malformed RTF Defeats Security Engines
This post is authored by Paul Rascagneres with contributions from Alex McDonnell Executive Summary Talos has discovered a new spam campaign used to infect targets with the well known Loki Bot stealer. The infection vector is an RTF document abusing