Combatting Cybercrime with an Incident Response Plan
By Sean Mason Based on the cybersecurity news proliferating in the mainstream media today – from ransomware incidents to data breaches of massive proportions – it has become clear that organizations need to put security mechanisms in place to protect their IT infrastructure. Organizations commonly use anti-virus, firewall, intrusion prevention and other security technologies to […]
Malicious Microsoft Office Documents Move Beyond InkPicture
By Ross Gibb In late August we began to detect malicious Microsoft Word documents that contained VisualBasic (VB) macro code and the code appeared to be triggering when the document was opened. However, the documents did not contain any of the standard events used to launch VB macro code when a document is opened, including […]
Malicious Microsoft Office Documents Move Beyond InkPicture
By Ross Gibb In late August we began to detect malicious Microsoft Word documents that contained VisualBasic (VB) macro code and the code appeared to be triggering when the document was opened. However, the documents did not contain any of the standard events used to launch VB macro code when a document is opened, including […]
Evolving Security Disclosures : The New OASIS Common Security Advisory Framework (CSAF) Technical Committee
By Omar Santos During the last few years we have witnessed how the cyber security threat landscape has evolved. The emergence of the Internet of Things combined with recent events have profoundly changed how we protect our systems and people, and drive us to think about new approaches for vendors to disclose security vulnerabilities to […]
Evolving Security Disclosures : The New OASIS Common Security Advisory Framework (CSAF) Technical Committee
By Omar Santos During the last few years we have witnessed how the cyber security threat landscape has evolved. The emergence of the Internet of Things combined with recent events have profoundly changed how we protect our systems and people, and drive us to think about new approaches for vendors to disclose security vulnerabilities to […]
Vulnerability Spotlight: Hopper Disassembler ELF Section Header Size Code Execution
By Talos Group Vulnerability Discovered by Tyler Bohan and Cory Duplantis of Cisco Talos Talos has identified an exploitable out-of-bounds write vulnerability in the ELF Section Header parsing functionality of Hopper (TALOS-2016-0222/CVE-2016-8390). Hopper is a reverse engineering tool for macOS and Linux allowing the user to disassemble and decompile 32/64bit Intel-based Mac, Linux, Windows and […]
Vulnerability Spotlight: Hopper Disassembler ELF Section Header Size Code Execution
By Talos Group Vulnerability Discovered by Tyler Bohan and Cory Duplantis of Cisco Talos Talos has identified an exploitable out-of-bounds write vulnerability in the ELF Section Header parsing functionality of Hopper (TALOS-2016-0222/CVE-2016-8390). Hopper is a reverse engineering tool for macOS and Linux allowing the user to disassemble and decompile 32/64bit Intel-based Mac, Linux, Windows and […]