How Malformed RTF Defeats Security Engines
This post is authored by Paul Rascagneres with contributions from Alex McDonnell. Executive Summary: Talos has discovered a new spam campaign used to infect targets with the well-known Loki Bot stealer....
Introducing ROKRAT
This blog was authored by Warren Mercer and Paul Rascagneres with contributions from Matthew Molyett. Executive Summary: A few weeks ago, Talos published research on a Korean MalDoc. As we previously...
Arbitrary Code Execution Vulnerabilities in MuPDF Identified and Patched
Talos is disclosing the presence of two vulnerabilities in the Artifex MuPDF renderer. MuPDF is a lightweight PDF parsing and rendering library featuring high fidelity graphics, high speed, and compact...
Vulnerability Spotlight: TALOS-2017-0311,0319,0321 – Multiple Remote Code...
Vulnerability discovered by Marcin Noga, Lilith Wyatt and Aleksandar Nikolic of Cisco Talos. Overview: Talos has discovered multiple vulnerabilities in the freedesktop.org Poppler PDF library....
Korea In The Crosshairs
This article exposes the malicious activities of Group 123 during 2017. We assess with high confidence that Group 123 was responsible for six campaigns targeting both Korean and Non-Korean institutions.
Cisco PSIRT Notice About Public Exploitation of the Cisco ASA Web Services...
With the security of our customers' networks being a top priority, we're actively raising awareness of a vulnerability affecting Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software.
Vulnerability Spotlight: Multiple Issues in Foxit PDF Reader
Overview: Cisco Talos is disclosing eighteen vulnerabilities in Foxit PDF Reader, a popular free program for viewing, creating and editing PDF documents. It is commonly used as an...
Old dog, new tricks – Analysing new RTF-based campaign distributing Agent...
This blog post was authored by Edmund Brumaghin and Holger Unterbrink with contributions from Emmanuel Tacheau. Executive Summary: Cisco Talos has discovered a new malware campaign...
Vulnerability Spotlight: TALOS-2018-0635/0636 – Sophos HitmanPro.Alert memory...
Overview: Cisco Talos is disclosing two vulnerabilities in Sophos HitmanPro.Alert, a malware detection and protection tool. Both vulnerabilities lie in the input/output control (IOCTL) message handler....
Talos Vulnerability Deep Dive – TALOS-2018-0636 / CVE-2018-3971 Sophos...
Overview: After disclosing two vulnerabilities in Sophos HitmanPro.Alert on Thursday, Cisco Talos will show you the process of developing an exploit for one of these bugs. We will take...