Vulnerability Spotlight: Vulnerabilities in Alyac antivirus program could stop virus scanning, cause code execution | allinfosecnews.com

Aug. 3, 2022, 6:46 p.m. | Jon Munshaw (noreply@blogger.com)

Cisco Talos Intelligence Group - Comprehensive Threat Intelligence blog.talosintelligence.com

Jaewon Min of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw.

Update (Aug. 3, 2022): Talos disclosed two new vulnerabilities in the Alyac antivirus software and added their details to this post.

Cisco Talos recently discovered out-of-bounds read and buffer overflow vulnerabilities in ESTsecurity Corp.’s Alyac antivirus software that could cause a denial-of-service condition or arbitrary code execution. Alyac is an antivirus software developed for Microsoft Windows machines.

TALOS-2022-1452 (CVE-2022-21147) is a vulnerability that exists in a specific Alyac …

antivirus code code execution cve program scanning securex spotlight virus vulnerabilities vulnerability

More from blog.talosintelligence.com / Cisco Talos Intelligence Group - Comprehensive Threat Intelligence

Rounding up some of the major headlines from RSA 18 hours ago | blog.talosintelligence.com

coming conference major may +3

Talos releases new macOS open-source fuzzer 1 day ago | blog.talosintelligence.com

code fuzzer fuzzing linux +8

Only one critical vulnerability included in May’s Microsoft Patch Tuesday; One other zero-day in DWN … 2 days, 18 hours ago | blog.talosintelligence.com

code code execution critical critical vulnerability +18

Talos joins CISA to counter cyber threats against non-profits, activists and other at-risk communities 2 days, 23 hours ago | blog.talosintelligence.com

activists can cisa commercial +19

A new alert system from CISA seems to be effective — now we just need … 1 week ago | blog.talosintelligence.com

alert alerts catalog cisa +12

Talos discloses multiple zero-day vulnerabilities, two of which could lead to code execution 1 week, 1 day ago | blog.talosintelligence.com

arbitrary code arbitrary code execution code code execution +14

What can we learn from the passwords used in brute-force attacks? 2 weeks ago | blog.talosintelligence.com

attacks brute brute-force can +5

Vulnerabilities in employee management system could lead to remote code execution, login credential theft 2 weeks, 1 day ago | blog.talosintelligence.com

code code execution credential credential theft +21

Cisco Talos at RSAC 2024 2 weeks, 3 days ago | blog.talosintelligence.com

announcements cisco cisco talos cybersecurity +12

Information Security Engineers

@ D. E. Shaw Research | New York City

View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada

View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA

View on infosec-jobs.com

Consultant/Senior Consultant – Categoria Protetta L. 68/99

@ BIP | Italy

View on infosec-jobs.com

SoC Security Architect, Platform Architecture

@ Apple | San Diego, California, United States

View on infosec-jobs.com

Cloud Engineer II- SOC Analyst

@ Insight Enterprises, Inc. | Gurugram Gurgaon HR, IN

View on infosec-jobs.com