Talos ThreatSource is a regular intelligence update from Cisco Talos, highlighting the biggest threats each week and other security news.
Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week.
We’ve been busy at the RSA Conference this week. If you’re there, be sure to stop by the Cisco Security and Cisco Talos booths to say hi. Matt Watchinski, our vice president, and Liz Centoni, the head of Cisco’s internet-of-things business group, delivered a keynote address Tuesday on protecting IoT devices. You can read our roundup here and check out a recording of the talk here.
On the vulnerability front, we disclosed three bugs in Pixar Renderman today that could allow an attacker to gain root privileges.
Finally, we also have our weekly Threat Roundup, which you can find on the blog every Friday afternoon. There, we go over the most prominent threats we’ve seen (and blocked) over the past week.
If you want to see one of our researchers out and about, be sure to check below for upcoming public engagements where they will represent Talos.
Synopsis: Nick Biasini will deliver the keynote address at Cisco Connect Portland. Nick will give an overview of Cisco Talos and discuss what separates us from the competition. Then, he’ll give an overview of some recent malware we have discovered and talk about how our research has protected customers.
Description: Attackers are carrying out attacks on Cisco small and home office routers after the company patched a critical bug in its RV line of routers. The vulnerability bypasses authentication procedures, allowing attackers to go after routers remotely over the internet. Affected models include the Cisco RV110, RV130 and RV215. Snort SIDs: 49296
Description: A micropatch released last week fixes a 19-year-old vulnerability in WinRAR that could allow an attacker to obtain remote code execution privileges. The bug, CVE-2018-20250, could allow an attacker to completely take over a target machine by tricking a user into opening a specially crafted, malicious archive. The latest WinRAR update completely removes support for ACE archives to protect users from this vulnerability. Snort SIDs: 49289 - 49292
Keep up with all things Talos by following us on Twitter and Facebook. You can also subscribe to the Beers with Talos podcast, which comes out bi-weekly, here (as well as on your favorite podcast app). And, if you’re not already, you can also subscribe to the weekly Threat Source newsletter here.