Quantcast
Channel: Cisco Talos Blog
Viewing all 1927 articles
Browse latest View live

Threat Roundup for December 3 to December 10

December 10, 2021, 1:17 pm
$
0
0
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Dec. 3 and Dec. 10. As with previous roundups, this post isn't meant tobifj be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral...

[[ This is only the beginning! Please visit the blog for the complete entry ]]
Search

Talos Takes Ep. #80: I'll have a blue Christmas without a CTIR retainer

December 10, 2021, 11:30 am
$
0
0
By Jon Munshaw. The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. It's the holiday season, which means last-minute shopping, family time and cheer. Oh, and it's never a bad time to...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Threat Advisory: Critical Apache Log4j vulnerability being exploited in the wild

December 11, 2021, 2:39 pm
$
0
0
Note: Talos is continuing to update this post with additional coverage and information as it becomes available Update, Dec. 11, 2021: As more potential attack scenarios are identified, it is important to note that additional vectors could be used to trigger the vulnerability. Log4j...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Beers with Talos, Ep. #112: A new host approaches!

December 15, 2021, 9:02 am
$
0
0
Beers with Talos (BWT) Podcast episode No. 112 is now available. Download this episode and subscribe to Beers with Talos: Apple Podcasts  Google Podcasts  Spotify  StitcherIf iTunes and Google Play aren't your thing, click here. We promised it wouldn't be long...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Threat Source Newsletter (Dec. 16, 2021)

December 16, 2021, 11:26 am
$
0
0
Newsletter compiled by Jon Munshaw.Good afternoon, Talos readers.   I'm just going to cut to the chase since I know all anyone wants to read about is Log4J. For the latest Talos research, continually check back on our blog post here. Above is the live stream we recorded Monday morning...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Vulnerability Spotlight: Vulnerabilities in metal detector peripheral could allow attackers to manipulate security devices

December 20, 2021, 8:12 am
$
0
0
Matt Wiseman of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw.  Cisco Talos recently discovered multiple vulnerabilities in a device from Garrett Metal Detectors that could allow remote attackers to bypass authentication requirements, manipulate metal detector...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Vulnerability Spotlight: Vulnerabilities in DaVinci Resolve video editing software could lead to code execution

December 21, 2021, 7:21 am
$
0
0
A Cisco Talos team member discovered these vulnerabilities. Blog by Jon Munshaw.  Cisco Talos recently discovered two vulnerabilities in the DaVinci Resolve video editing software that could allow an adversary to execute code in the context of the application.  DaVinci Resolve is a...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

2021: Looking back on the year in malware and cyber attacks, from SolarWinds to Log4j

December 27, 2021, 6:00 am
$
0
0
By Jon Munshaw. It seems like we were just recovering from the aftermath of the massive SolarWinds campaign a month or two ago. And now suddenly, it’s been a year since one of the largest cyber attacks in history and moving onto another threat that could last for years.  That just seemed to be...

[[ This is only the beginning! Please visit the blog for the complete entry ]]
Search

Threat Source Newsletter (Jan. 6, 2022)

January 6, 2022, 11:00 am
$
0
0
Newsletter compiled by Jon Munshaw.Good afternoon, Talos readers.   We hope everyone had some well-deserved, relaxing time off over the holidays. Unfortunately, we are all back now and Log4j is still an issue. And even though it seems like Log4j has already been in the news for a year,...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Threat Roundup for December 31 to January 7

January 7, 2022, 1:41 pm
$
0
0
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Dec. 31 and Jan. 7. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Vulnerability Spotlight: Buffer overflow vulnerability in AnyCubic Chitubox plugin

January 10, 2022, 6:45 am
$
0
0
Carl Hurd of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw.  Cisco Talos recently discovered an exploitable heap-based buffer overflow vulnerability in the Chitubox AnyCubic plugin.  Chitubox is 3-D printing software for users to download and process models and send them...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Vulnerability Spotlight: Heap buffer overflow condition in Google Chrome could lead to code execution

January 11, 2022, 7:07 am
$
0
0
Marcin Towalski of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw.  Cisco Talos recently discovered an exploitable heap-based buffer overflow vulnerability in Google Chrome.   Google Chrome is a cross-platform web browser — and Chromium is the open-source version of...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Vulnerability Spotlight: Two vulnerabilities in Adobe Acrobat DC could lead to arbitrary code execution

January 11, 2022, 9:09 am
$
0
0
Aleksandar Nikolic of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw.  Cisco Talos recently discovered two vulnerabilities in Adobe Acrobat Reader DC that could allow an attacker to eventually gain the ability to execute arbitrary code.   Acrobat is one of the most...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Microsoft Patch Tuesday for Jan. 2022 — Snort rules and prominent vulnerabilities

January 11, 2022, 2:12 pm
$
0
0
By Jon Munshaw and Vitor Ventura.  Microsoft released its monthly security update Tuesday, disclosing 102 vulnerabilities across its large collection of hardware and software. This is the largest amount of vulnerabilities Microsoft has disclosed in a monthly security update in eight months,...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Nanocore, Netwire and AsyncRAT spreading campaign uses public cloud infrastructure

January 12, 2022, 5:02 am
$
0
0
By Chetan Raghuprasad and Vanja Svajcer. Cisco Talos discovered a malicious campaign in October 2021 delivering variants of Nanocore, Netwire and AsyncRATs targeting user's information. According to Cisco Secure product telemetry, the victims of this campaign are primarily distributed across the...

[[ This is only the beginning! Please visit the blog for the complete entry ]]
Search

Beers with Talos, Ep. #114: And then there were two...

January 13, 2022, 8:12 am
$
0
0
Beers with Talos (BWT) Podcast episode No. 114 is now available. Download this episode and subscribe to Beers with Talos: Apple Podcasts  Google Podcasts  Spotify  StitcherRecorded Dec. 9, 2021. If iTunes and Google Play aren't your thing, click here. We joked...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Threat Source Newsletter (Jan. 13, 2022)

January 13, 2022, 11:00 am
$
0
0
Newsletter compiled by Jon Munshaw.Good afternoon, Talos readers.   Move out of the way, Log4j! Traditional malware is back with a bang in 2022. While Log4j is likely still occupying many defenders' minds, the bad guys are still out there doing not-Log4j things. We have new research out...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Talos Takes Ep. #82: Log4j followed us in 2022

January 14, 2022, 7:16 am
$
0
0
By Jon Munshaw. The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. It's a new year, but unfortunately, we're facing the same cybersecurity problems. Log4j followed us into the holidays,...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Threat Roundup for January 7 to January 14

January 14, 2022, 2:20 pm
$
0
0
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Jan. 7 and Jan. 14. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Threat Source Newsletter (Jan. 20, 2022)

January 20, 2022, 11:00 am
$
0
0
Newsletter compiled by Jon Munshaw.Good afternoon, Talos readers.   Even though we're nearly a month into 2022, we're still not quite ready to move on from 2021. That's why next week, we'll be going live on social media to talk about some of the top cybersecurity stories from the past...

[[ This is only the beginning! Please visit the blog for the complete entry ]]
Viewing all 1927 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>