ReVault! When your SoC turns against you… - Talos reported 5 vulnerabilities to Broadcom and Dell affecting both the ControlVault3 Fi... https://blog.talosintelligence.com/revault-when-your-soc-turns-against-you/ #vulnerabilityspotlight
ReVault! When your SoC turns against you…

Talos reported 5 vulnerabilities to Broadcom and Dell affecting both the ControlVault3 Firmware and its associated Windows APIs that we are calling “ReVault”.

Cisco Talos Blog
Duping Cloud Functions: An emerging serverless attack vector - Summary and background: Google Cloud Platform (GCP) Cloud Functions are event-triggered, se... https://blog.talosintelligence.com/duping-cloud-functions-an-emerging-serverless-attack-vector/ #vulnerabilityspotlight
Duping Cloud Functions: An emerging serverless attack vector

Cisco Talos built on Tenable’s discovery of a Google Cloud Platform vulnerability to uncover how attackers could exploit similar techniques across AWS and Azure.

Badgerboard: A PLC backplane network visibility module - Analysis of the traffic between networked devices has always been of interest sinc... https://blog.talosintelligence.com/badgerboard-research/ #vulnerabilityspotlight #features
Badgerboard: A PLC backplane network visibility module

Analysis of the traffic between networked devices has always been of interest since devices could even communicate with one another. As the complexity of networks grew, the more useful dedicated traffic analysis tools became. Major advancements have been made over the years with tools like Snort or Wireshark, but these

The many vulnerabilities Talos discovered in SOHO and industrial wireless routers post-VPNFilter - Since the discovery of the widespread VPNFilter malware in 2018, Cisco Talos researchers ... https://blog.talosintelligence.com/router-researcher-vulnerability-spotlight-23/ #vulnerabilityspotlight #vpnfilter
The many vulnerabilities Talos discovered in SOHO and industrial wireless routers post-VPNFilter

Given the privileged position these devices occupy on the networks they serve, they are prime targets for attackers, so their security posture is of paramount importance.

Uncovering weaknesses in Apple macOS and VMWare vCenter: 12 vulnerabilities in RPC implementation - Cisco Talos discovered 12 memory corruption vulnerabilities in MSRPC implementatio... https://blog.talosintelligence.com/weaknesses-mac-os-vmware-msrpc/ #vulnerabilityspotlight #vulnerabilitydeepdive
Uncovering weaknesses in Apple macOS and VMWare vCenter: 12 vulnerabilities in RPC implementation

Uncovered issues fall into use-after-free, buffer-overflow, information leak and denial of service vulnerability classes. Some of these could be combined to achieve remote code execution or privilege escalation.

Taking over Milesight UR32L routers behind a VPN: 22 vulnerabilities and a full chain - Cisco Talos discovered 17 vulnerabilities (63 CVEs) in the Milesight UR32L router and fiv... https://blog.talosintelligence.com/talos-discovers-17-vulnerabilities-in-milesight/ #vulnerabilityspotlight
Taking over Milesight UR32L routers behind a VPN: 22 vulnerabilities and a full chain

In all, Cisco Talos is releasing 22 security advisories today, nine of which have a CVSS score greater than 8, associated with 69 CVEs.

Vulnerability Spotlight: Use-after-free condition in Google Chrome WebGL - Cisco Talos recently discovered an exploitable use-after-free vulnerability in Google Chr... https://blog.talosintelligence.com/vuln-spotlight-chrome-webgl-use-after-free-june-23/ #vulnerabilityspotlight
Vulnerability Spotlight: Use-after-free condition in Google Chrome WebGL

TALOS-2023-1724 (CVE-2023-1531) occurs if the user opens a specially crafted web page in Chrome.

Two remote code execution vulnerabilities disclosed in Microsoft Excel - Cisco Talos recently discovered two vulnerabilities in the Microsoft Excel spreadsheet ma... https://blog.talosintelligence.com/two-remote-code-execution-vulnerabilities-disclosed-in-microsoft-excel/ #vulnerabilityspotlight
Two remote code execution vulnerabilities disclosed in Microsoft Excel

Microsoft disclosed these issues and patched them as part of June’s monthly security release for the company.

Memory corruption vulnerability in Mitsubishi PLC could lead to DoS, code execution - Cisco Talos recently discovered a memory corruption vulnerability in the Mitsubishi MELSE... https://blog.talosintelligence.com/vulnerability-in-mitsubishi-plc-could-lead-to-dos-code-execution/ #vulnerabilityspotlight
Memory corruption vulnerability in Mitsubishi PLC could lead to DoS, code execution

A vulnerability, TALOS-2023-1727 (CVE-2023-1424), exists in the device’s MELSOFT Direct functionality that is triggered if an adversary sends the targeted device a specially crafted network packet.

Vulnerability Spotlight: Authentication bypass, use-after-free vulnerabilities found in a library for the µC/OS open-source operating system - Kelly Leuschner of Cisco Talos discovered these vulnerabilities. Cisco Talos recently disc... https://blog.talosintelligence.com/vulnerability-spotlight-authentication-bypass-use-after-free-vulnerabilities-found-in-uc/ #vulnerabilityspotlight
Vulnerability Spotlight: Authentication bypass, use-after-free vulnerabilities found in a library for the µC/OS open-source operating system

TALOS-2022-1680 (CVE-2022-41985) could allow an attacker to bypass the authentication protocol on the operating system, or cause a denial-of-service, by sending the targeted machine a specially crafted set of network packets.
