Vulnerability Spotlight: IrfanView Jpeg2000 Reference Tile width Arbitrary Code Execution Vulnerability
By Talos Group. Discovered by Aleksandar Nikolic of Cisco Talos. Overview: Talos is disclosing TALOS-2017-0310 / CVE-2017-2813, an arbitrary code execution vulnerability in the JP2 plugin for the IrfanView image viewer. IrfanView is a widely used, Windows-based image viewing and editing application. This particular vulnerability is in the jpeg2000 plugin (JP2) for IrfanView resulting in […]
Fortinet Threat Report Q4 2016
Our technology partner Fortinet has several million devices deployed worldwide that see and neutralize threats every second. The sheer number of sensors makes it possible to form a very meaningful picture of the security and threat situation. In this video you can see how the security researchers at FortiGuard Labs go about this. Standout features of the last quarter are certainly the largest […]
Vulnerability Spotlight: Hard-coded Credential Flaw in Moxa ICS Wireless Access Points Identified and Fixed
By Talos Group. Earlier this month, Talos responsibly disclosed a set of vulnerabilities in Moxa ICS wireless access points. While most of the vulnerabilities were addressed in the previous set of advisories, Talos has continued to work with Moxa to ensure all remaining vulnerabilities that Talos identified are patched. Today in coordination with Moxa, Talos […]
Threat Spotlight: Mighty Morphin Malware Purveyors: Locky Returns Via Necurs
By Talos Group. This post was authored by Nick Biasini. Throughout the majority of 2016, Locky was the dominant ransomware in the threat landscape. It was an early pioneer when it came to using scripting formats Windows hosts would natively handle, like .js, .wsf, and .hta. These scripting formats acted as a vehicle to deliver […]
Threat Round-up for Apr 14 – Apr 21
By Talos Group. Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between April 14 and April 21. As with previous round-ups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavior characteristics, indicators of compromise, and how our […]

