Talos ThreatSource is a regular intelligence update from Cisco Talos, highlighting the biggest threats each week and other security news.
Oracle Releases Quarterly Security Updates For Various Products
Synopsis: The challenge with malware isn’t writing the malware itself but the ability to get the malicious software onto end systems. Every attacker struggles with this problem – “how do I get this malware on more end hosts?” Newer payloads like ransomware ensure attackers are making more money than ever before. As long as businesses continue to pay, this threat will increase; that’s basic economics. This increase in cash flow drives the evolution of threats and propagation techniques like never before. In this talk we will discuss the evolution of these techniques and how to defend against them.
Synopsis: The modern model of vulnerability mitigation includes robust sandboxing and usermode privilege separation to contain inevitable flaws in the design and implementation of software. As adoption of containment technology spreads to browsers and other software, we see the value of exploits continue to rise as multiple vulnerabilities must be chained together with extreme levels of binary artistry to achieve full system control. As such, there has recently been a high demand to identify kernel vulnerabilities that can bypass sandboxes and process isolation to successfully achieve full system compromise. With this heightened demand, the past few years have seen a massive first wave of kernel vulnerability discovery in the graphics layer of the Windows kernel and the peripheral drivers of the Linux kernel. This lecture will discuss methods for applying evolutionary coverage-guided fuzzing to kernel system calls, IOCTLs, and other low-level interfaces.
Synopsis: Stringing together the exploitation of several seemingly uninteresting vulnerabilities can be a fun challenge for security researchers, penetration testers, and malicious attackers. This talk follows some of the paths and thought processes that one researcher followed while evaluating the security of several new "out of the box" Industrial Control System (ICS) and Internet of Things (IoT) devices, using a variety of well-known exploitation and analysis techniques, and eventually finding undocumented, root-level, and sometimes un-removable backdoor accounts.
Description: The threat landscape is constantly evolving. As new methods and solutions for combating cyber threats are developed, threat actors will continue to evolve their tactics, techniques, and procedures. This is one of the many reasons that solid threat intelligence is such an essential part of a sound cyber security strategy. There are constantly new threats being faced by organizations globally across virtually every industry. This presentation will provide an overview of the threat landscape, a description of the common types of attacks that are used to compromise organizations, as well as a discussion of the potential impact these attacks can have on business operations. Ransomware, exploit kits, and malicious/phishing email campaigns will be discussed with specific examples provided in an attempt to provide an inside look at what is currently occurring within the threat landscape.
Description: Oracle has released its quarterly set of security updates, addressing 308 new vulnerabilities. Products that were patched include Oracle Database Server, MySQL, Java, Solaris, and more. Java saw 32 security fixes, of which 28 are remotely exploitable without authentication.
Description: Cisco has released security updates addressing publicly disclosed SNMP vulnerabilities in IOS as well as a flaw identified by Google Project Zero in the Webex browser extension. The SNMP vulnerabilities manifest due to a buffer overflow condition in the SNMP subsystem of affected IOS and IOS XE products. The Webex browser extension vulnerability manifests as a design defect in the extension. The SNMP vulnerabilities and the Webex browser extension vulnerability could be exploited to achieve arbitrary code execution on affected devices.
Free Certs Come With a Cost
Memcached - A Story of Failed Patching & Vulnerable Servers
Pay What You Want Cybersecurity Ebooks -- Humble Book Bundle: Cybersecurity
Reverse Engineering a 433MHz Motorised Blind RF Protocol
LockPoS Joins the Flock