Talos ThreatSource is a regular intelligence update from Cisco Talos, highlighting the biggest threats each week and other security news.
Google Releases Monthly Security Bulletin for Android
Synopsis: People responsible for defending networks realize that the security threat landscape is constantly in flux as attackers continuously evolve their techniques. Talos advances the overall efficacy of all Cisco security platforms by aggregating data, cooperating with teams of security experts, and applying the cutting-edge big data technology to security. In this talk, we will perform deep analysis of recent threats Talos has observed over the past quarter and see how Talos leverages large datasets to deliver product improvements and mitigation strategies.
Description: Google has released its monthly security bulletin for vulnerabilities identified in Android and Android components. This month's release is split into 2 patches levels, 2017-12-01 and 2017-12-05. The 2017-12-01 patch level addresses 19 vulnerabilities with 6 rated critical and 13 rated high severity. The 2017-12-05 patch level addresses 28 vulnerabilities with 4 rated critical and 24 rated high severity. Updates for Nexus and Pixel devices have been released. Android partners have also been notified of these vulnerabilitites and should have forthcoming updates.
Description: Cisco has released a security advisory for vulnerabilities that have been identified in WebEx Recording Format and Advanced Recording Format Players. These vulnerabilities manifest in the way Cisco WebEx handles ARF and WRF playback files. Exploitation of these vulnerabilities could be achieved if a user opens a malicious ARF or WRF file they receive in an email or click on a URL that causes the user to navigate to a malicious ARF or WRF file. Cisco has released a software update addressing these vulnerabilities.
Description: TeamViewer has released a security update following reports that a bug in the way permissions are handled was reported. The bug potentially allows users sharing a desktop session to gain control of the other person's computer without permission.
Mailsploit: a collection of bugs in email clients that allow effective sender spoofing and code injection attacks
Why Gets You Root (on macOS High Sierra)
Flaw Found in Dirty COW Patch
Microsoft teams up with law enforcement and other partners to disrupt Gamarue (Andromeda)
Virtual Keyboard Developer Leaked 31 Million of Client Records