Vulnerabilities
Pair of Artifex MuPDF memory corruption vulnerabilities patched
If exploited, both could lead to arbitrary code executive, the company reported.
About SC Media
Your search for Talos returned 172 results
Malware, Messaging Security, Security News
WolfRAT malware targets WhatsApp, Messenger
A new malware called “WolfRAT is targeting messaging apps, such as WhatsApp, Facebook Messenger and Line on Thai Android devices. WolfRAT, according to the Cisco Talos intelligence team, is based on a leak of the previously leaked DenDroid malware family. Talos said in a blog post it highly believes that this modified version of the malware…
Vulnerabilities
Hack-It Ralph? Circle with Disney parental filter filled with exploitable flaws
A Disney-branded internet filter underwent automatic patching after researchers discovered multiple vulnerabilities that could have exposed users to cyberattacks, researchers from Talos have reported.
Cybercrime, Security News
74 Facebook groups for cybercriminals found
There are Facebooks groups for moms, people who like trains, or old photographs of Chicago so it should come as no surprise that cybercriminals also use the social media network to discuss what they like. Cisco Talos found 74 Facebook groups with more than 385,000 members with dedicated to acts ranging from shady to illegal.…
APTs/cyberespionage, Government/Defense, Malware, Security News
Geopolitical targets figuring in latest StrongPity attacks
StrongPity, aka Promethium, a potentially state-sponsored APT group active since 2012, isn’t letting exposed campaigns in recent years stop it from trying to install malware around the world, particularly in warzones such as Syria. Two separate reports this week from Cisco Talos and Bitdefender suggest the attackers are getting more aggressive in their geo-targeted malicious…
Vulnerabilities
IrfanView plug-in updated to fix arbitrary code execution flaw
The jpeg2000 (JP2) plug-in for the Windows-based image viewing and editing application IrfanView has been updated to address a vulnerability that can lead to arbitrary code execution, Cisco's Talos division has reported.
APTs/cyberespionage, Cybercrime, Security News
Sea Turtle DNS hijackers linked to breach of Greece’s ccTLD organization
Despite being publicly exposed earlier this year, the actors behind the malicious Sea Turtle DNS hijacking campaign continue to unabashedly rack up new victims, and apparently added a new technique to their repertoire, a new report states. The group made waves last April when researchers at Cisco’s Talos unit reported that the attackers have been…
Phishing
Apparent Korean actor ‘Group123’ linked to six phishing campaigns, including ‘Evil New Year’ scam
Researchers have attributed six separate phishing campaigns targeting South Koreans in either 2017 or 2018 to a single threat actor called "Group123," including multiple operations designed to infect victims with the remote administration tool ROKRAT.
Malware
GravityRAT malware detects virtualized environments by taking infected machines’ temperature
A previously unidentified malicious remote access tool (RAT) primarily targeting Indian organizations uses seven different techniques for sniffing out researchers' virtual machines and sandbox environments, including taking the temperature of an infected computer.
Network Security, Security News
Researchers disclose six privilege escalation bugs in Shimo VPN client
The Shimo VPN client for Mac systems contains six privilege escalation vulnerabilities that have yet to be patched by its developers, researchers from Cisco’s Talos division reported yesterday. Shimo is a product that allows users to connect multiple VPN accounts to a single application. Discovered by Cisco Labs researcher Tyler Bohan, all six flaws were…
Next post in Network Security
