By Talos Group Talos is disclosing the presence of a vulnerability in Hangul Word Processor. Published by Hancom inc. the Hangul Office Suite, of which Hangul Word Processor is part, is the leading word processing and office productivity suite in South Korea. This vulnerability allows attackers to craft a malicious document that when opened, allows the attacker to cause […]
Source:: Cisco Security Notice
By Brad Garnett You have just been notified by a “TLA” (Three Letter Agency), a law enforcement agency, that your organization has suffered a data breach. Depending on your Threat Management Maturity level, you will either approach this methodically or ad-hoc. A TLA notification will generally involve leveraging the expertise of an Incident Response team, either your internal […]
Source:: Cisco Security Notice
By Brad Garnett You have just been notified by a “TLA” (Three Letter Agency), a law enforcement agency, that your organization has suffered a data breach. Depending on your Threat Management Maturity level, you will either approach this methodically or ad-hoc. A TLA notification will generally involve leveraging the expertise of an Incident Response team, either your internal […]
Source:: Cisco Security Notice
By Talos Group Today, Microsoft has release their monthly set of security updates designed to address vulnerabilities. This month’s release addresses 56 vulnerabilities with 15 of them rated critical and 41 rated important. Impacted products include .NET, DirectX, Edge, Internet Explorer, Office, Sharepoint, and Windows. In addition to the coverage Talos is providing for the normal monthly Microsoft […]
Source:: Cisco Security Notice
By Talos Group Today, Microsoft has release their monthly set of security updates designed to address vulnerabilities. This month’s release addresses 56 vulnerabilities with 15 of them rated critical and 41 rated important. Impacted products include .NET, DirectX, Edge, Internet Explorer, Office, Sharepoint, and Windows. In addition to the coverage Talos is providing for the normal monthly Microsoft […]
Source:: Cisco Security Notice
By Christian Janoff Security in not simple and not all companies are the same. Different business needs, inter-connected applications, and compliance regulations are coupled with increasing demands of the network by employees, partners, customers and most recently, devices; the fragmentation of the attack surface is maddeningly complex, as thieves become better organized to take advantages of it. However, […]
Source:: Cisco Security Notice
By Christian Janoff Security in not simple and not all companies are the same. Different business needs, inter-connected applications, and compliance regulations are coupled with increasing demands of the network by employees, partners, customers and most recently, devices; the fragmentation of the attack surface is maddeningly complex, as thieves become better organized to take advantages of it. However, […]
Source:: Cisco Security Notice
By Talos Group Discovered by Aleksandar Nikolic of Cisco Talos Overview Talos is disclosing TALOS-2017-0293 / CVE 2017-2800, a code execution vulnerability in WolfSSL. WolfSSL is a lightweight SSL/TLS library targeted specifically for embedded and RTOS (Real-Time Operating System) environments, due largely to its small size and performance. WolfSSL is used in a wide range of products including […]
Source:: Cisco Security Notice
By Talos Group Discovered by Aleksandar Nikolic of Cisco Talos Overview Talos is disclosing TALOS-2017-0293 / CVE 2017-2800, a code execution vulnerability in WolfSSL. WolfSSL is a lightweight SSL/TLS library targeted specifically for embedded and RTOS (Real-Time Operating System) environments, due largely to its small size and performance. WolfSSL is used in a wide range of products including […]
Source:: Cisco Security Notice
By Talos Group These vulnerabilities were discovered by Piotr Bania of Cisco Talos. Today, Talos is releasing details of a new vulnerability discovered within the Power Software PowerISO disk imaging software. TALOS-2017-0318 and TALOS-2017-0324 may allow an attacker to execute arbitrary code remotely on the vulnerable system when a specially crafted ISO image is opened and parsed by […]
Source:: Cisco Security Notice
