Channel: Cisco Talos Blog

Threat Roundup for January 14 to January 21

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Jan. 14 and Jan. 21. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Ukraine Campaign Delivers Defacement and Wipers, in Continued Escalation

Authored by Nick Biasini and Chris Neal with Contributions from Dmytro Korzhevin. Several cyber attacks against Ukrainian government websites — including website defacements and destructive wiper malware — have made headlines over the past few weeks as military tensions along the Russian/Ukrainian...


Talos Incident Response year-in-review for 2021

By David Liebenberg.  Cisco Talos Incident Response (CTIR), as with everyone else in the cybersecurity world, dealt with a bevy of threats last year, as responders dealt with an expanding set of ransomware adversaries and several major cybersecurity incidents affecting organizations worldwide,...


Vulnerability Spotlight: Vulnerability in Apple iOS, iPad OS and MacOS could lead to disclosure of sensitive memory data

Jaewon Min of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw.  Cisco Talos recently discovered an out-of-bounds read vulnerability in Apple’s macOS and iOS operating systems that could lead to the disclosure of sensitive memory content. An attacker could capitalize on that...


Vulnerability Spotlight: WiFi-connected security camera could be manipulated to spy on communications, among other malicious actions

Francesco Benvenuto of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw.  Cisco Talos recently discovered several vulnerabilities in the Reolink RLC-410W security camera that could allow an attacker to perform several malicious actions, including performing man-in-the-middle...


Beers with Talos, Ep. #115: Everybody's measured by quarters — even threat actors

Beers with Talos (BWT) Podcast episode No. 115 is now available. Download this episode and subscribe to Beers with Talos: Apple Podcasts, Google Podcasts, Spotify, Stitcher. Recorded Jan. 14, 2022. If iTunes and Google Play aren't your thing, click here. We wanted...


Threat Source Newsletter (Jan. 27, 2022)

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. It's great to have New Year's resolutions and all. But we don't want you taking the wrong lessons away from 2021, either. Like just because Log4j happened doesn't mean you should stop logging or stop using open-source...


Threat Roundup for January 21 to January 28

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Jan. 21 and Jan. 28. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...


Vulnerability Spotlight: Memory corruption and use-after-free vulnerabilities in Foxit PDF Reader

Aleksandar Nikolic of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw.  Cisco Talos recently discovered a memory corruption and use-after-free vulnerability in the Foxit PDF Reader.   Foxit PDF Reader is one of the most popular PDF document readers currently...


Iranian APT MuddyWater targets Turkish users via malicious PDFs, executables

By Asheer Malhotra and Vitor Ventura. Cisco Talos has observed a new campaign targeting Turkish private organizations alongside governmental institutions. Talos attributes this campaign with high confidence to MuddyWater — an APT group recently attributed to Iran's Ministry of Intelligence and...


Vulnerability Spotlight: Multiple vulnerabilities in Sealevel SeaConnect

Francesco Benvenuto and Matt Wiseman of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw.  Cisco Talos recently discovered several vulnerabilities in Sealevel Systems Inc.’s SeaConnect internet-of-things edge device — many of which could allow an attacker to conduct a...


Arid Viper APT targets Palestine with new wave of politically themed phishing attacks, malware

By Asheer Malhotra and Vitor Ventura. Cisco Talos has observed a new wave of Delphi malware called Micropsia developed and operated by the Arid Viper APT group since 2017. This campaign targets Palestinian entities and activists using politically themed lures. The latest iteration of the implant...


Threat Roundup for January 28 to February 4

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Jan. 28 and Feb. 4. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...


Vulnerability Spotlight: Use-after-free in Google Chrome could lead to code execution

Marcin Towalski of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw.  Cisco Talos recently discovered an exploitable use-after-free vulnerability in Google Chrome.   Google Chrome is a cross-platform web browser — and Chromium is the open-source version of the browser...


Microsoft Patch Tuesday for Feb. 2022 — Snort rules and prominent vulnerabilities

By Jon Munshaw and Chris Neal.  Microsoft released its monthly security update Tuesday, disclosing 51 vulnerabilities across its large collection of hardware and software.  None of the vulnerabilities disclosed this month are considered “critical,” an extreme rarity for the company’s...


What’s with the shared VBA code between Transparent Tribe and other threat actors?

By Vanja Svajcer and Vitor Ventura. Recently, we've been researching several threat actors operating in South Asia: Transparent Tribe, SideCopy, etc., that deploy a range of remote access trojans (RATs). After a hunting session in our malware sample repositories and VirusTotal while looking into...


Beers with Talos, Ep. #116: Let's wade into the MuddyWater filled with Vipers

Beers with Talos (BWT) Podcast episode No. 116 is now available. Download this episode and subscribe to Beers with Talos: Apple Podcasts, Google Podcasts, Spotify, Stitcher. Recorded Feb. 4, 2022. If iTunes and Google Play aren't your thing, click here. Most people...


Threat Roundup for February 4 to February 11

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Feb. 4 and Feb. 11. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...


Vulnerability Spotlight: Vulnerabilities in Moxa MXView could allow attacker to view sensitive information, bypass login

Patrick DeSantis of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw.  Cisco Talos recently discovered two vulnerabilities in Moxa's MXview network management software that could allow an attacker to view sensitive data or bypass the need to log into the device.  MXview...


Vulnerability Spotlight: Vulnerability in Hancom Office could lead to memory corruption, code execution

Marcin “Icewall” Noga of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw.  Cisco Talos recently discovered a vulnerability in Hancom Office — a popular software suite in South Korea — that could allow an attacker to corrupt memory on the targeted machine or execute remote...


