Cisco Talos

Multiple vulnerabilities discovered in ZTE's LTE routers

Cisco Talos recently discovered multiple vulnerabilities in the ZTE MF971R LTE portable router. An attacker could exploit these by sending a specially crafted HTTP request to the targeted device.

Code execution vulnerabilities discovered in Nitro Pro PDF

Cisco Talos discovered multiple vulnerabilities in the Nitro Pro PDF reader that could allow an attacker to execute code in the context of the application. Users are urged to update their apps.

Vulnerabilities in Anker Eufy Homebase could lead to code execution, buffer overflows

Cisco Talos recently discovered two vulnerabilities in the Anker Eufy Homebase. The Eufy Homebase 2 is the video storage and networking gateway that works with Anker’s Eufy Smarthome ecosystem.

Targeted Attacks Launched Against Government Personnel in India Using Commercial RATs

The lures used in this campaign are predominantly themed around operational documents and guides such as those pertaining to the "Kavach" (Hindi for "armor") 2FA application operated by India's NIC.

Information disclosure vulnerability reported in D-LINK DIR-3040 mesh router

The DIR-3040 is an AC3000-based wireless internet router that creates a mesh network for the user, allowing them to connect multiple devices in their environment, oftentimes at home.

TinyTurla - Turla deploys new malware to keep a secret backdoor on victim machines

Cisco Talos researchers recently discovered a new backdoor used by the Russian Turla APT group. They observed infections in the U.S., Germany, and, more recently, in Afghanistan.
September 17, 2021

Operation Layover: How we tracked an attack on the aviation industry to five years of compromise

The threat actor is based out of Nigeria and doesn't seem to be technically sophisticated, using off-the-shelf malware since the beginning of its activities without developing its own malware.

Code execution vulnerability detected in Nitro Pro PDF

Cisco Talos recently discovered a use-after-free vulnerability (CVE-2021-21798) in the Nitro Pro PDF reader that could allow an attacker to execute code in the context of the application.

Heap buffer overflow vulnerability patched in Ribbonsoft dxflib library

Users are encouraged to update the affected products quickly: Ribbonsoft dxflib, version 3.17.0. Talos tested and confirmed these versions of the library could be exploited by this vulnerability.
September 2, 2021

Translated: Talos' insights from the recently leaked Conti ransomware playbook

It is unclear whether the document was originally written entirely in Russian or they machine-translated some English-language documents and included them in the playbook.
