vulnerability spotlight

April 21, 2020

THREAT RESEARCH

Vulnerability Spotlight: Zoom Communications User Enumeration

1 min read

Video conferencing and calling software has spiked in popularity as individuals across the globe are forced to stay home due to the COVID-19 pandemic. There are a plethora of players in this space, with one or two getting increased attention. One service in particular — Zoom — has received an enormous amount of attention from […]

April 15, 2019

THREAT RESEARCH

Vulnerability Spotlight: Multiple vulnerabilities in Shimo VPN’s helper tool

1 min read

Cisco Talos is disclosing a series of vulnerabilities found in the Shimo VPN Helper Tool. Shimo VPN is a popular VPN client for MacOS that can be used to connect...

January 30, 2019

THREAT RESEARCH

Vulnerability Spotlight: Multiple vulnerabilities in ACD Systems Canvas Draw 5

1 min read

Cisco Talos is disclosing several vulnerabilities in ACD Systems' Canvas Draw 5, a graphics-editing tool for Mac. The vulnerable component of Canvas Draw 5 lies in the handling of TIFF...

January 28, 2019

THREAT RESEARCH

Vulnerability Spotlight: Multiple WIBU SYSTEMS WubiKey vulnerabilities

1 min read

Marcin "Icewall" Noga of Cisco Talos discovered these vulnerabilities. Executive Summary Cisco Talos discovered two vulnerabilities that could allow remote code execution and memory disclosure at the kernel level...

January 15, 2019

THREAT RESEARCH

Vulnerability Deep Dive: TP-Link TL-R600VPN remote code execution vulnerabilities

1 min read

Introduction TP-Link recently patched three vulnerabilities in their TL-R600VPN gigabit broadband VPN router, firmware version 1.3.0. Cisco Talos publicly disclosed these issues after working with TP-Link to ensure...

October 31, 2018

THREAT RESEARCH

Vulnerability Spotlight: Multiple Vulnerabilities in Yi Technology Home Camera

1 min read

Vulnerabilities Discovered by Lilith [x_x] of Cisco Talos. Overview Cisco Talos is disclosing multiple vulnerabilities in the firmware of the Yi Technology Home Camera. In order to prevent the exploitation...

October 26, 2018

THREAT RESEARCH

Vulnerability Spotlight: Talos-2018-0694 – MKVToolNix mkvinfo read_one_element Code Execution Vulnerability

1 min read

Piotr Bania, Cory Duplantis and Martin Zeiser of Cisco Talos discovered this vulnerability. Today, Cisco Talos is disclosing a vulnerability that we identified in the MKVToolNix mkvinfo utility that parses...

October 9, 2018

THREAT RESEARCH

Vulnerability in the Intel Unified Shader compiler for the Intel Graphics Accelerator

1 min read

Vulnerabilities discovered by Piotr Bania of Cisco Talos Talos is disclosing a pointer corruption vulnerability in the Intel Unified Shader compiler for the Intel Graphics Accelerator. OVERVIEW In order for...

October 2, 2018

THREAT RESEARCH

Vulnerability Spotlight: Adobe Acrobat Reader DC Collab reviewServer Remote Code Execution Vulnerability

1 min read

Discovered by Aleksandar Nikolic of Cisco Talos Overview Today, Talos is releasing details of a new vulnerability within Adobe Acrobat Reader DC. Adobe Acrobat Reader is the most popular and...