Channel: Cisco Talos Blog
Viewing all 1927 articles

Talos Takes Ep: #61: SideCopy sounds so familiar, but I just can't put my finger on it...

By Jon Munshaw. The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. Asheer Malhotra of Talos Outreach has spent the past few months tracking APTs all along the same line. APT 36, aka...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Threat Roundup for July 9 to July 16

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between July 9 and July 16. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Beers with Talos, Ep. #107: Sailing the high seas in search of privateer groups

Beers with Talos (BWT) Podcast episode No. 107 is now available. Download this episode and subscribe to Beers with Talos: Apple Podcasts, Google Podcasts, Spotify, Stitcher. If iTunes and Google Play aren't your thing, click here. You're not going to believe this, but everyone...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Security implications of misconfigurations

By Jaeson Schultz. When defenders regularly monitor their organization's Domain Name System (DNS) queries, they can often snuff out potential attacks before they happen. At the very least, it's important to identify and fix configuration mistakes that could lead to...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Threat Source newsletter (July 22, 2021)

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. I'm compiling this Tuesday for vacation reasons, so apologies for any major stories I'm missing here. This week's Beers with Talos podcast hits the seas again. And although we've covered sea shanties in the past, this...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Talos Takes Ep: #62: Don't sleep on business email compromise

By Jon Munshaw. The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. Business email compromise may seem like last decade’s threat, but it’s still just as prevalent as ever. A recent FBI...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Threat Roundup for July 16 to July 23

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between July 16 and July 23. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Vulnerability Spotlight: Unsafe deserialization vulnerabilities in CODESYS Development System

Patrick DeSantis discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered multiple vulnerabilities in the CODESYS Development System. The CODESYS Development System is the IEC 61131-3 programming tool for industrial control and automation technology,...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Vulnerability Spotlight: Use-after-free vulnerabilities in Foxit PDF Reader

Aleksandar Nikolic of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered multiple use-after-free vulnerabilities in the Foxit PDF Reader. Foxit PDF Reader is one of the most popular PDF document readers currently available. As a...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Threat Spotlight: Solarmarker

By Andrew Windsor, with contributions from Chris Neal. Executive summary: Cisco Talos has observed new activity from Solarmarker, a highly modular .NET-based information stealer and keylogger. A previous staging module, "d.m," used with this malware has been replaced by a new module dubbed...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Threat Source newsletter (July 29, 2021)

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. Thanks to everyone who joined us live yesterday for our talk on business email compromise. If you missed us live, the recording is up on our YouTube page now. Nick Biasini from Talos Outreach provided some great advice on...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Threat Roundup for July 23 to July 30

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between July 23 and July 30. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Updates to the Cisco Talos Email Status Portal

Cisco Talos is rolling out several changes to the Email Status Portal that add new features and make the Portal even easier to use. The Talos Email Status Portal allows users to view mail samples submitted and their statuses, analyze graphical displays of submission metrics, administer...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Vulnerability Spotlight: Use-after-free vulnerability in tinyobjloader

Lilith >_> of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered a use-after-free vulnerability in a specific function of tinyobjloader. An adversary could trick a user into opening a specially crafted file, causing a use-after-free condition, and...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Beers with Talos, Ep. #108: Kaseya it ain't so

Beers with Talos (BWT) Podcast episode No. 108 is now available. Download this episode and subscribe to Beers with Talos: Apple Podcasts, Google Podcasts, Spotify, Stitcher. If iTunes and Google Play aren't your thing, click here. Who needed a summer vacation anyway? The whole Beers...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Threat Source newsletter (Aug. 5, 2021)

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. We hope everyone is enjoying BlackHat and/or DEFCON this week, regardless of if you're attending virtually or in person. In case you missed any of our talks from BlackHat, you can check them out here, along...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Threat Roundup for July 30 to August 6

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between July 30 and Aug. 6. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Talos Takes Ep: #63: Shield your eyes from the Solarmarker

By Jon Munshaw. The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. Andrew Windsor has been following the Solarmarker threat for months. But it really started to catch his eye when he...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Vulnerability Spotlight: Code execution vulnerability in Mozilla Firefox

Marcin “Icewall” Noga of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered a use-after-free vulnerability in Mozilla Firefox that could lead to code execution. Firefox is a widely used web browser available on many operating systems. This...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Vulnerability Spotlight: Multiple vulnerabilities in AT&T Labs’ Xmill utility

Carl Hurd of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered multiple vulnerabilities in AT&T Labs’ Xmill utility. An attacker could take advantage of these issues to carry out a variety of malicious actions, including corrupting the...

[[ This is only the beginning! Please visit the blog for the complete entry ]]