Talos ThreatSource is a regular intelligence update from Cisco Talos, highlighting the biggest threats each week and other security news.
Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week.
How does your company or organization handle the conversation around cybersecurity? In this week’s Beers with Talos episode, we try to help you improve that conversation. Does the language itself need to change? Or do the people participating need to be switched out? You can hear our hosts’ take in the full episode.
On the malware side of things, we have a new, significant mobile device management (MDM) system that has targeted iPhones in India. At this time, we don't know how the attacker managed to enroll the targeted devices, but you can read all about the campaign here.
Our researchers also disclosed some notable vulnerabilities in Computerinsel Photoline — a popular image-editing software. These flaws could allow an attacker to gain arbitrary code execution.
Finally, we also have our weekly Threat Roundup, which you can find on the blog every Friday afternoon. There, we go over the most prominent threats we’ve seen (and blocked) over the past week.
If you want to see one of our researchers out and about, be sure to check below for upcoming public engagements where they will represent Talos.
Location: Mandalay Bay Convention Center, Las Vegas, Nevada
Synopsis: Cisco Talos will be represented at the Black Hat conference for all six days. On Aug. 8, from 3 to 5 p.m., Paul and Warren will be delivering a talk in Business Hall Theater B covering supply chain attacks.
Location: Fairmont The Queen Elizabeth hotel in Montreal, Quebec, Canada
Synopsis: Paul and Warren are hosting a joint talk on the Olympic Destroyer malware from earlier this year, and will cover why it is so difficult to attribute the attack. Vanja will also be hosting a workshop on manual kernel mode malware analysis.
Description: A vulnerability exists in the Cisco Fabric Services component of the Firepower eXtensible Operating System (FXOS) and the NX-OS network operating system that could allow an attacker to read sensitive memory content. The bug could also open a victim machine to a denial-of-service attack or arbitrary code execution.
Description: Computerinsel Photoline — an image-processing tool used to modify and edit images — contains several flaws that could lead to arbitrary remote code execution. The vulnerabilities are present in the parsing functionality of the software.
Description: There are six different vulnerabilities in the Antenna House Office Server Document Converter. The vulnerabilities can be exploited to execute code locally, or even remotely if the owners use the product in batch mode. A specially crafted Microsoft Word document can exploit the bugs.
Keep up with all things Talos by following us on Twitter and Facebook. You can also subscribe to the Beers with Talos podcast, which comes out bi-weekly, here (as well as on your favorite podcast app). And, if you’re not already, you can also subscribe to the weekly Threat Source newsletter here.