Talos ThreatSource is a regular intelligence update from Cisco Talos, highlighting the biggest threats each week and other security news.
Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. We hope that all of our readers and customers in the U.S. had a safe and happy Fourth of July.
Do you want to know the best way to protect your personal — or your company’s — data? Take it off the internet. So says Lurene Grenier, who was recently the keynote speaker at the Talos Threat Research Summit in Orlando, Florida. Lurene joined the Beers with Talos podcast while they were down in Florida to record a follow-up interview to her talk. You can listen to that here.
Our researchers have also released their findings on a new form of Smoke Loader. The malware, which is often used as a downloader to install other types of malware onto a machine, has been using the PROPagate injection technique in real-world campaigns.
On the vulnerability front, we have all of the details about a major flaw in VMware Workstation that could leave a machine open to a denial-of-service attack.
If you want to see one of our researchers out and about, be sure to check below for upcoming public engagements where Talos will be represented.
Location: Mandalay Bay Convention Center, Las Vegas, Nevada
Synopsis: Cisco Talos will be represented at the Black Hat conference for all six days. On Aug. 8, from 3 to 5 p.m., Paul and Warren will be delivering a talk in Business Hall Theater B covering supply chain attacks.
Location: Fairmont The Queen Elizabeth hotel in Montreal, Quebec, Canada
Synopsis: Paul and Warren are hosting a joint talk on the Olympic Destroyer malware from earlier this year, and will cover why it is so difficult to attribute the attack. Vanja will also be hosting a workshop on manual kernel mode malware analysis.
Description: The new version of Mozilla Firefox has fixed a wide range of vulnerabilities. Six of the flaws included in this update were rated as “critical” and five were rated as having “high” importance.
Description: An exploit was found in the WebKit component of certain Apple products, including some versions of Safari, iOS and iCloud. The flaw allows remote attackers to execute arbitrary code or cause a denial of service via a specially crafted website.
Description: VMware Workstation contains a bug that could allow an attacker to cause a denial of service on the victim machine. The vulnerability lies in the pixel shader used by VMware Workstation and can be triggered by supplying a malformed pixel shader in either text or binary form inside a VMware guest operating system.
Keep up with all things Talos by following us on Twitter and Facebook. You can also subscribe to the Beers with Talos podcast, which comes out bi-weekly, here (as well as on your favorite podcast app). And, if you’re not already, you can also subscribe to the weekly Threat Source newsletter here.