January 9, 2019


Microsoft Patch Tuesday — January 2019: Vulnerability disclosures and Snort coverage

Microsoft released its monthly security update today, disclosing a variety of vulnerabilities in several of its products. The latest Patch Tuesday covers 49 vulnerabilities, seven of which are rated “critical,”...

December 10, 2018


in(Secure) messaging apps — How side-channel attacks can compromise privacy in WhatsApp, Telegram, and Signal

Messaging applications have been around since the inception of the internet. But recently, due to the increased awareness around mass surveillance in some countries, more users are installing end-to-end encrypted...

November 13, 2018


5 Things To Know About the Catalyst 9000 Expansion

Announcing two big additions to our Catalyst 9000 family. The Catalyst 9200 switch and the Catalyst 9800 wireless LAN controller.

November 6, 2018


CyberVets U.S.A.: The Mission After Transition

Christopher Marshall, a veteran of the U.S. Navy, currently serves as Director of Cybersecurity Research for Cisco Talos Intelligence Group. As a veteran of the U.S....

November 5, 2018


Persian Stalker pillages Iranian users of Instagram and Telegram

State-sponsored actors have a number of different techniques at their disposal to remotely gain access to social media and secure messaging applications. Starting in 2017 and continuing through 2018, Cisco...

October 31, 2018


Vulnerability Spotlight: Multiple Vulnerabilities in Yi Technology Home Camera

Vulnerabilities Discovered by Lilith [x_x] of Cisco Talos. Overview Cisco Talos is disclosing multiple vulnerabilities in the firmware of the Yi Technology Home Camera. In order to prevent the exploitation...

October 30, 2018


Talos Vulnerability Discovery Year in Review – 2018

Introduction Cisco Talos' Vulnerability Discovery Team investigates software and operating system vulnerabilities in order to discover them before malicious threat actors. We provide this information to vendors so that they...

August 30, 2018


Rocke: The Champion of Monero Miners

Cryptocurrency miners are becoming an increasingly significant part of the threat landscape.

August 2, 2018


Exploitable or Not Exploitable? Using REVEN to Examine a NULL Pointer Dereference.

It can be very time-consuming to determine if a bug is exploitable or not. In this post, we’ll show how to decide if a vulnerability is exploitable by tracing back...