Vulnerability Spotlight: LibTIFF Issues Lead To Code Execution
By Talos Group These Vulnerabilities were discovered by Tyler Bohan of Cisco Talos. Talos is releasing multiple vulnerabilities (TALOS-2016-0187, TALOS-2016-0190 & TALOS-2016-0205) in the LibTIFF library . One vulnerability (TALOS-2016-0187) is an exploitable heap based buffer overflow that impacts the LibTIFF TIFF2PDF conversion tool. Another vulnerability (TALOS-2016-0190) impacts the parsing and handling of TIFF images […]
Präsentieren Sie komfortabel ohne Kabel
Präsentieren Sie komfortabel ohne Kabel? Meetings und Präsentationen bringen Sie im Vorfeld bereits ins Schwitzen? Kabel fehlen auf einmal, Adapter für Beamer und Displays sind nicht mit den gerade erforderlichen Anschlüssen vorhanden. Jeder Wechsel des Vortragenden geht einher mit umständlichem Umstöpseln und Adaptertausch? Das ist weder effizient noch befriedigend. Ein erster Ansatz zur Lösung waren […]
Pumpkin Spiced Locky
By Talos Group This post was authored by Warren Mercer & Edmund Brumaghin Summary We had .locky, we had .odin and then we had .zepto but today we hit rock bottom and we now have Locky using .shit as their encrypted file extension. In today’s latest wave of spam, Talos has observed three distinct spam […]
Pumpkin Spiced Locky
By Talos Group This post was authored by Warren Mercer & Edmund Brumaghin Summary We had .locky, we had .odin and then we had .zepto but today we hit rock bottom and we now have Locky using .shit as their encrypted file extension. In today’s latest wave of spam, Talos has observed three distinct spam […]
IoT: Securing the Next Chapter of the Digitization “Book”
By Anthony Grieco The Internet of Things (IoT) era is here: Nearly two-thirds of organizations currently collect data from equipment, devices or other connected endpoints and use it for a business purpose, according to survey findings from 451 Research. The most common sources of IoT data are equipment related to data center IT operations (as […]
IoT: Securing the Next Chapter of the Digitization “Book”
By Anthony Grieco The Internet of Things (IoT) era is here: Nearly two-thirds of organizations currently collect data from equipment, devices or other connected endpoints and use it for a business purpose, according to survey findings from 451 Research. The most common sources of IoT data are equipment related to data center IT operations (as […]
Piecing Together Malicious Behavior in Encrypted Traffic
By Jan Kohout This post was authored by Jan Kohout, Veronica Valeros and Petr Somol. Increasing adoption of encryption in web communication significantly contributes to protection of users‘ privacy. However, it also brings tough challenges for intrusion detection systems that need to analyze the traffic without actually decrypting it. There is not much information left […]