Channel: Cisco Talos Blog
Viewing all 1927 articles

Threat Source newsletter (June 24, 2021)

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. Even though spam emails asking for gift cards may seem like the oldest trick in the book, they're still effective in 2021. The FBI estimates that business email compromise cost victims around $1.8 billion in 2020,...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Beers with Talos, Ep. #106: Is more than executive action in order?

Beers with Talos (BWT) Podcast episode No. 106 is now available. Download this episode and subscribe to Beers with Talos: Apple Podcasts, Google Podcasts, Spotify, Stitcher. If iTunes and Google Play aren't your thing, click here. By Mitch Neff. Recorded May 20, 2021. Craig wins...


Talos Takes Ep. #58: How to approach the partnerships it will take to defend critical infrastructure

By Jon Munshaw. With major cyber attacks in recent years against major U.S. critical infrastructure suppliers like Norsk Hydro and Colonial Pipeline, we’re in a new world of CI cybersecurity. New threats require new approaches to defense. And in the U.S., this is likely going to include...


Threat Roundup for June 18 to June 25

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between June 18 and June 25. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...


Vulnerability Spotlight: Memory corruption vulnerability in PowerISO’s DMG handler

Piotr Bania of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw.  Cisco Talos recently discovered a memory corruption vulnerability in PowerISO’s handler that deals with DMG files.  PowerISO is a CD/DVD/BD image file processing tool, which allows users to open, extract,...


Threat Source newsletter (July 1, 2021)

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. There's been a lot of talk recently around how to address America's infrastructure cybersecurity. After attacks like Colonial Pipeline and JBS, everyone across the public and private sectors is wondering what...


Talos Takes Ep. #59: How to secure the devices that secure your home network

By Jon Munshaw. As consumers start having more “smart” devices connected to their home network, they may want an easy solution to keeping those devices safe. But what if that device gets owned? Carl Hurd of our vulnerability research team recently discovered several vulnerabilities in Trend Micro’s...


Threat Roundup for June 25 to July 2

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between June 25 and July 2. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...


REvil ransomware actors attack Kaseya in supply chain attack

Attackers are actively exploiting the Kaseya VSA endpoint monitoring software to conduct a widespread supply chain attack targeting a number of Managed Service Providers (MSPs), according to multiple reports. Organizations usually use Kaseya VSA to perform centralized orchestration of systems in...


InSideCopy: How this APT continues to evolve its arsenal

By Asheer Malhotra and Justin Thattil. Cisco Talos is tracking an increase in SideCopy's activities targeting government personnel in India using themes and tactics similar to APT36 (aka Mythic Leopard and Transparent Tribe). SideCopy is an APT group that mimics the Sidewinder APT's infection...


Vulnerability Spotlight: Information disclosure, privilege escalation vulnerabilities in IOBit Advanced SystemCare Ultimate

Cory Duplantis of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw.  Cisco Talos recently discovered multiple vulnerabilities in IOBit Advanced SystemCare Ultimate.  IOBit Advanced SystemCare Ultimate is a system optimizer that promises to remove unwanted files and...


Threat Source newsletter (July 8, 2021)

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. Just like everyone else in the security world, our week's been dominated by the Kaseya supply chain attack. We went live on pretty much every social media platform we could think of yesterday to update everyone on the...


PrintNightmare: Here’s what you need to know and Talos’ coverage

Over the past several weeks, there's been a lot of discussion about a particular privilege escalation vulnerability in Windows affecting the print spooler, dubbed PrintNightmare. The vulnerability (CVE-2021-1675/CVE-2021-34527) has now been patched multiple times but is believed to still be...


Talos Takes Ep. #60: Everything you need to know about the Kaseya situation

By Jon Munshaw. The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. In this special "XL edition" of Talos Takes, we're bringing you the audio version of our live stream this week...


Threat Roundup for July 2 to July 9

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between July 2 and July 9. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...


Microsoft Patch Tuesday for July 2021 — Snort rules and prominent vulnerabilities

By Jon Munshaw, with contributions from Jaeson Schultz.  Microsoft released its monthly security update Tuesday, disclosing 117 vulnerabilities across its suite of products, by far the most in a month this year. Today’s Patch Tuesday includes three vulnerabilities that Microsoft states are...


Following the Money: Comparing cryptocurrency value to illicit mining activity

By Nick Biasini. In the age of meme stocks, Robinhood and Elon Musk's tweets influencing the global economy, cryptocurrency mining has not seemed as fringe as it once did. Mining has been around as long as these cryptocurrencies have, but only really started to gather the attention of criminals in...


Vulnerability Spotlight: Multiple vulnerabilities in Advantech R-SeeNet

The Talos vulnerability research team discovered these vulnerabilities. Blog by Jon Munshaw.  Cisco Talos recently discovered multiple vulnerabilities in the Advantech R-SeeNet monitoring software.  R-SeeNet is the software system used for monitoring Advantech routers. It continuously...


Threat Source newsletter (July 15, 2021)

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. The value of cryptocurrency is all over the place. Elon Musk's tweets can send Dogecoin rising and falling. And Monero, the most popular currency for cryptominers, has gone all over the place this year. So does that have...


Vulnerability Spotlight: Multiple vulnerabilities in D-LINK DIR-3040

Dave McDaniel discovered these vulnerabilities. Blog by Jon Munshaw.  Cisco Talos recently discovered multiple vulnerabilities in the D-LINK DIR-3040 wireless router.  The DIR-3040 is an AC3000-based wireless internet router. These vulnerabilities could allow an attacker to carry out a...
