Talos ThreatSource is a regular intelligence update from Cisco Talos, highlighting the biggest threats each week and other security news.
Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Cisco Talos from the past week.
It’s the second week of the month, which means it’s Patch Tuesday time! As always, we have complete coverage of Microsoft’s monthly security update. Here is the Talos blog going over the vulnerabilities we think are most important. You can also check out the Snort blog here to learn more about the coverage we have for these bugs.
Talos discovered one of the bugs in this month’s release — a vulnerability in the WindowsCodecs.dll component of the Windows operating system.
We also have our weekly Threat Roundup, which you can find on the blog every Friday afternoon. There, we go over the most prominent threats we’ve seen (and blocked) over the past week.
If you want to see one of our researchers out and about, be sure to check below for upcoming public engagements where they will represent Talos.
Location: Texas Cyber Summit at Wyndham River Walk Hotel in San Antonio, Texas
Synopsis: Wiper malware has been leveraged by attackers for years to facilitate the destruction of data and systems. In many cases, this malware has caused widespread operational issues for organizations and critical infrastructure all over the globe. Attackers have increasingly been leveraging and improving upon their wiper malware over the past several years. This talk will cover several notable examples of wiper malware, how they were distributed and the impacts that resulted from these attacks.
Location: Tech at the Gap conference at the Western Maryland IT Center of Excellence in Cumberland, Md.
Synopsis: Talos specializes in early-warning intelligence and threat analysis necessary for defending networks against the ever-changing threat landscape by leveraging the work of Talos’ large team of threat intelligence experts, researchers, and engineers. In this talk, Ashlee will cover recent threats and the methods and analysis used by Talos to defend against them.
Description: Microsoft disclosed 49 vulnerabilities across several of its products, 12 of which are rated "critical," 34 that are rated "important,” two that are considered to have “moderate” severity and one that’s rated as “low.” There is also a critical advisory that covers security updates in the Microsoft Office suite of products.
Description: Cisco Prime Infrastructure contains a vulnerability that could allow an unauthenticated, remote attacker to upload an arbitrary file, which would allow the attacker to execute code. The bug exists in the way PI incorrectly sets permissions for certain system directories.
Description: Google PDFium's JBIG2 library contains a bug that could lead to an information leak, which could be used as part of a larger exploit. PDFium is a PDF reader used in Google’s Chrome and Chromium web browser. An attacker can exploit this flaw by convincing the user to open a malicious PDF.