Clik here to view.
The adventures of an extroverted cyber nerd and the people Talos helps to...
Welcome to this week’s edition of the Threat Source newsletter. I am unbelievably lucky to do the work that I do. My title is technically ‘Senior Security Strategist’. It’s a very fancy title, but...
View ArticleClik here to view.
MC LR Router and GoCast unpatched vulnerabilities
Cisco Talos' Vulnerability Research team recently discovered two vulnerabilities in MC Technologies LR Router and three vulnerabilities in the GoCast service. These vulnerabilities have not been...
View ArticleClik here to view.
Microsoft Patch Tuesday for December 2024 contains four critical vulnerabilities
The Patch Tuesday for December of 2024 includes 72 vulnerabilities, including four that Microsoft marked as “critical.” The remaining vulnerabilities listed are classified as “important.” Microsoft...
View ArticleClik here to view.
The evolution and abuse of proxy networks
As long as we've had the internet, users have tried to obfuscate how and what they are connecting to. In some cases, this is to work around restrictions put in place by governments or a desire to...
View ArticleClik here to view.
Something to Read When You Are On Call and Everyone Else is at the Office Party
Welcome to this week’s edition of the Threat Source newsletter. The new head of the UK’s National Cyber Security Centre, Richard Horne, recently remarked that there is a “clearly widening gap between,...
View ArticleClik here to view.
Exploring vulnerable Windows drivers
This post is the result of research into the real-world application of the Bring Your Own Vulnerable Driver (BYOVD) technique along with Cisco Talos’ series of posts about malicious Windows drivers....
View ArticleClik here to view.
Acrobat out-of-bounds and Foxit use-after-free PDF reader vulnerabilities found
Cisco Talos’ Vulnerability Research team recently disclosed three out-of-bounds read vulnerabilities in Adobe Acrobat Reader, and two use-after-free vulnerabilities in Foxit Reader. These...
View ArticleClik here to view.
Welcome to the party, pal!
Welcome to the final Threat Source newsletter of 2024. Watching "Die Hard" during the Christmas season has become a widely recognized tradition for many, despite ongoing debates about its...
View ArticleClik here to view.
Do we still have to keep doing it like this?
Welcome to the first edition of the Threat Source newsletter for 2025. Upon returning to work this week from my Lindt chocolate reindeer coma, my first task was to write this newsletter. As I stared...
View ArticleClik here to view.
Microsoft Patch Tuesday for January 2025 — Snort rules and prominent...
Microsoft has released its monthly security update for January of 2025 which includes 159 vulnerabilities, including 12 that Microsoft marked as “critical.” The remaining vulnerabilities listed are...
View ArticleClik here to view.
Slew of WavLink vulnerabilities
Lilith >_> of Cisco Talos discovered these vulnerabilities. Forty-four vulnerabilities and sixty-three CVEs were discovered across ten .cgi and three .sh files, as well as the static login page,...
View ArticleClik here to view.
Find the helpers
Welcome to this week’s edition of the Threat Source newsletter. “When I was a boy and I would see scary things in the news, my mother would say to me, ‘Look for the helpers. You will always find people...
View ArticleClik here to view.
Everything is connected to security
Welcome to this week’s edition of the Threat Source newsletter.Hello friends! Joe here again! I have just returned from the frozen northern tundra of Fargo, North Dakota. This was my first real visit...
View ArticleClik here to view.
Seasoning email threats with hidden text salting
Cisco Talos observed an increase in the number of email threats leveraging hidden text salting (also known as "poisoning") in the second half of 2024.Hidden text salting is a simple yet effective...
View ArticleClik here to view.
New TorNet backdoor seen in widespread campaign
Cisco Talos discovered an ongoing malicious campaign operated by a financially motivated threat actor since as early as July 2024 targeting users, predominantly in Poland and Germany, based on the...
View Article