Quantcast
Channel: Cisco Talos Blog
Viewing all 1927 articles
Browse latest View live

Talos Takes Ep. #66: Dude, where's my bandwidth?

September 3, 2021, 6:09 am
$
0
0
By Jon Munshaw. The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. “Proxyware” sounds like a complicated topic that you’re too afraid to ask about. But really, it’s just software that...

[[ This is only the beginning! Please visit the blog for the complete entry ]]
Search

Threat Roundup for August 27 to September 3

September 3, 2021, 9:57 am
$
0
0
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Aug. 27 and Sept. 3. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Vulnerability Spotlight: Heap buffer overflow vulnerability in Ribbonsoft dxflib library

September 7, 2021, 8:56 am
$
0
0
Lilith >_> of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw.  Cisco Talos recently discovered an exploitable heap-based buffer overflow vulnerability in Ribbonsoft’s dxflib library that could lead to code execution.  The dxflib library is a C++ library utilized by...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Talos release protection against zero-day vulnerability in Microsoft MSHTML

September 9, 2021, 12:57 pm
$
0
0
Cisco Talos released new SNORT® rules Thursday to protect against the exploitation of a zero-day vulnerability in Microsoft MSHTML that the company warns is being actively exploited in the wild.  Users are encouraged to deploy SIDs 58120 – 58129, Snort 3 SID 300049 and ClamAV...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Threat Source newsletter (Sept. 9, 2021)

September 9, 2021, 11:00 am
$
0
0
Newsletter compiled by Jon Munshaw.Good afternoon, Talos readers.   The biggest security news this week is no doubt another Microsoft zero-day. On the heels of PrintNightmare and multiple Exchange Server vulnerabilities comes a code execution vulnerability in MSHTML, the rendering engine...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Talos Takes Ep. #67: What a leaked playbook tells us about the Conti ransomware group

September 10, 2021, 7:20 am
$
0
0
By Jon Munshaw. The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. There's a lot to take apart in the recently leaked Conti ransomware playbook. After a disgruntled member of the...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Threat Roundup for September 3 to September 10

September 10, 2021, 12:03 pm
$
0
0
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Sept. 3 and Sept. 10. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Vulnerability Spotlight: Code execution vulnerability in Nitro Pro PDF

September 13, 2021, 7:12 am
$
0
0
A Cisco Talos team member discovered these vulnerabilities. Blog by Jon Munshaw.  Cisco Talos recently discovered a vulnerability in the Nitro Pro PDF reader that could allow an attacker to execute code in the context of the application.  Nitro Pro PDF is part of Nitro Software’s...

[[ This is only the beginning! Please visit the blog for the complete entry ]]
Search

Downtime on Talos Intelligence

September 13, 2021, 11:35 am
$
0
0
TalosIntelligence.com will be down for a short time on Sept. 17 around 10 a.m. while we perform some routine maintenance on the site.  We apologize for any inconvenience this may cause. We expect the interruption will only last for about 30 minutes.  

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Microsoft Patch Tuesday for Sept. 2021 — Snort rules and prominent vulnerabilities

September 14, 2021, 10:33 am
$
0
0
By Jon Munshaw, with contributions from Holger Unterbrink.  Microsoft released its monthly security update Tuesday, disclosing 85 vulnerabilities across the company’s firmware and software. This month’s release is headlined by an official patch for the critical remote code execution...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Operation Layover: How we tracked an attack on the aviation industry to five years of compromise

September 16, 2021, 5:04 am
$
0
0
By Tiago Pereira and Vitor Ventura. Cisco Talos linked the recent aviation targeting campaigns to an actor who has been targeting the aviation industry for two years.The same actor has been running successful malware campaigns for more than five years.Although always using commodity malware, the...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Threat Source newsletter (Sept. 16, 2021)

September 16, 2021, 11:00 am
$
0
0
Newsletter compiled by Jon Munshaw.Good afternoon, Talos readers.   It's a bird, it's a plane, it's a rat! We've been tracking a series of trojans targeting the aviation industry, and trying to lure victims in by sending them spam related to flight itineraries and other transportation...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Talos Takes Ep. #68: The various pivots and pitfalls in a malware investigation

September 17, 2021, 7:39 am
$
0
0
By Jon Munshaw. The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. On this week's episode, Vitor Ventura from our research team walks through his recent work on connecting several...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Threat Roundup for September 10 to September 17

September 17, 2021, 1:28 pm
$
0
0
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Sept. 10 and Sept. 17. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

TinyTurla - Turla deploys new malware to keep a secret backdoor on victim machines

September 21, 2021, 5:11 am
$
0
0
News summary Cisco Talos recently discovered a new backdoor used by the Russian Turla APT group.We have seen infections in the U.S., Germany and, more recently, in Afghanistan. It is likely used as a stealth second-chance backdoor to keep access to infected devicesIt can be used to download, upload...

[[ This is only the beginning! Please visit the blog for the complete entry ]]
Search

Operation “Armor Piercer:” Targeted attacks in the Indian subcontinent using commercial RATs

September 23, 2021, 5:01 am
$
0
0
By Asheer Malhotra, Vanja Svajcer and Justin Thattil. Cisco Talos is tracking a campaign targeting government personnel in India using themes and tactics similar to APT36 (aka Mythic Leopard and Transparent Tribe).This campaign distributes malicious documents and archives to deliver the Netwire...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Vulnerability Spotlight: Information disclosure vulnerability in D-LINK DIR-3040 mesh router

September 23, 2021, 8:00 am
$
0
0
Dave McDaniel of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered an exploitable information disclosure vulnerability in the D-LINK DIR-3040 smart WiFi mesh router that could allow an adversary to eventually turn off the device or remove other...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Threat Source newsletter (Sept. 23, 2021)

September 23, 2021, 11:00 am
$
0
0
Newsletter compiled by Jon Munshaw.Good afternoon, Talos readers.   The Russian APT Turla is one of the most notorious threat actors out there today. And they aren't stopping, recently adding a new backdoor to their arsenal that serves as a "last chance" to retain a foothold on victim...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Talos Takes Ep. #69: Our armadillo in shining armor

September 24, 2021, 8:52 am
$
0
0
By Jon Munshaw. The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. We also preach the importance of multi-factor authentication. But what happens when the bad guys start going after...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Threat Roundup for September 17 to September 24

September 24, 2021, 10:07 am
$
0
0
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Sept. 17 and Sept. 24. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral...

[[ This is only the beginning! Please visit the blog for the complete entry ]]
Viewing all 1927 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>