Vulnerability Research
Cisco Identifies Multiple Vulnerabilities in Network Time Protocol daemon (ntpd)
1 min read
Cisco is committed to improving the overall security of the products and services our customers rely on. As part of this commitment, Cisco assesses the security of software components used in our products. Open source software plays a key role in many Cisco products and as a result, ensuring the security of open source software […]
Talos Identifies Multiple Memory Corruption Issues in Quicktime
2 min read
Update 2015-08-21: This post has been updated to reflect an additional advisory released on August 20. Talos, in conjunction with Apple’s security advisories issued on August 13 and August 20, has released six advisories for vulnerabilities that Talos found in Apple Quicktime. In accordance with our Vendor Vulnerability Reporting and Disclosure policy, these vulnerabilities have been […]
The Best Defense is a Good Offense? Why Cisco Security Researchers Attack Cisco Technologies
1 min read
This week, Cisco provided comments on the Department of Commerce’s Bureau of Industry and Security (BIS) proposed cybersecurity regulations. These comments reflect the realities of how Cisco looks to protect both our customers and our products. They also emphasize the critical role that security researches, access to tools, and qualified talent have in cybersecurity. Cisco has […]
Concerns about the Department of Commerce’s Proposed Export Rule under the Wassenaar Arrangement
1 min read
Today, Cisco filed comments on a Proposed Rule published by the Department of Commerce’s Bureau of Industry and Security (BIS) in an effort to comply with an international agreement called the Wassenaar Arrangement. The proposal would regulate a wide array of technologies used in security research as controlled exports, in the same manner as if […]
Vulnerability Spotlight: Total Commander FileInfo Plugin Denial of Service
1 min read
Talos is releasing an advisory for multiple vulnerabilities that have been found within the Total Commander FileInfo Plugin. These vulnerabilities are local denial of service flaws and have been assigned CVE-2015-2869. In accordance with our Vendor Vulnerability Reporting and Disclosure policy, these vulnerabilities have been disclosed to the plugin author(s) and CERT. This post serves […]