The Cavalry is a global grassroots organization that is focused on issues where computer security intersects public safety and human life. We strive to ensure that these technologies are worthy of the trust we place in them. |
|
|
 For journalists of all media, please use my PGP key for e-mail communications. Most requests I receive are for validating claims of major security events or vulnerabilities.
About one out of every five events I examine turn out to be fully or partially true. Our little community is increasingly becoming filled with rotten apples.
There is also an assumption of anonymity on my part, with exceptions only in very specific and authorized situations. |
|
 For research discoveries and disclosure, I already have a trusted list of journalists. For individuals and groups looking to include me in their efforts, please communicate using my PGP key listed above. Do your due dilligence first. I get a lot of requests and vetting what is legitimate is time consuming.. |
|
|
 | News
Critical Vulnerability Found in Cisco Video Surveillance Manager
21 September 2018 - Cisco has patched vulnerability in its video surveillance manager software that could give an unauthenticated, remote attacker the ability to execute arbitrary commands on targeted systems.
Twitter Flaw Exposed Direct Messages To External Developers
21 September 2018 - The company said it has issued a patch for the issue, which has been ongoing since May 2017.
Delphi Packer Looks for Human Behavior Before Deploying Payload
21 September 2018 - Many different threat actors are using this crypting service/tool for their operations, possibly buying it from the developer itself.
Unpatched Microsoft Zero-Day in JET Allows Remote Code-Execution
21 September 2018 - Microsoft said that it's working on a fix for a zero-day flaw in its JET Database Engine.
Lucy Gang Debuts with Unusual Android MaaS Package
20 September 2018 - The threat actor's Android-focused cyber-arms package, dubbed Black Rose Lucy, is limited in reach for now, but clearly has global ambitions.
|
 | Blog
Snort rule update for Sept. 20, 2018
20 September 2018 - Just released:Snort Subscriber Rule Set Update for Sept. 20, 2018Tonight, Cisco Talos has released the latest SNORTⓇ rule update. In this release, we introduced 20 new rules, two of which are shared object rules. There are also four modified rules, none of which are shared object rules.This r…
Snort rule update for Sept. 19, 2018
19 September 2018 - Just released:Snort Subscriber Rule Set Update for Sept. 19, 2018We welcome the introduction of the newest rule release from Talos. In this release, we introduced eight new rules, none of which are shared object rules. There are also seven modified rules.This rule release primarily covers vulnerabil…
Snort rule update for Sept. 18, 2018
18 September 2018 - Just released:Snort Subscriber Rule Set Update for Sept. 18, 2018The newest Snort rule update rule release was released this morning by Cisco Talos. In this release, we introduced 37 new rules, three of which are shared object rules. There are also 2,155 modified rules, none of which are shared obje…
Snort rule update for Sept. 13, 2018
13 September 2018 - Just released:Snort Subscriber Rule Set Update for Sept. 13, 2018Today, we welcome the newest rule release from Talos. In this release, we introduced 48 new rules, of six which are shared object rules. There are also 501 modified rules, none of which are shared object rules.This update provides cove…
|
|
