Channel: Cisco Talos Blog
Viewing all 1927 articles

From BlackMatter to BlackCat: Analyzing two attacks from one affiliate

By Tiago Pereira with contributions from Caitlin Huey. BlackCat is a recent and growing ransomware-as-a-service (RaaS) group that targeted several organizations worldwide over the past few months. There are rumors of a relationship between BlackCat and the BlackMatter/DarkSide ransomware groups,...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Threat Source newsletter (March 17, 2022) — Channelling productive worry to help Ukraine

By Jon Munshaw. Welcome to this week’s edition of the Threat Source newsletter. Cisco Talos continues to be heads-down working on the current Ukraine situation. This is incredibly difficult for everyone across the globe, especially for those directly affected. But that doesn’t mean those of...


Threat Roundup for March 11 to March 18

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between March 11 and March 18. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral...


On the Radar: Securing Web 3.0, the Metaverse and beyond

By Jaeson Schultz. Internet technology evolves rapidly, and the World Wide Web (WWW or Web) is currently experiencing a transition into what many are calling "Web 3.0". Web 3.0 is a nebulous term. If you spend enough time Googling it, you'll find many interpretations regarding what Web 3.0...


Vulnerability Spotlight: Heap overflow in Sound Exchange libsox library

Lilith >_> of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered an exploitable heap-based buffer overflow vulnerability in the sphere.c start_read() functionality of Sound Exchange libsox. The libsox library is a library of...


Threat Advisory: DoubleZero

Overview: The Computer Emergency Response Team of Ukraine released an advisory on March 22, 2022 disclosing another wiper dubbed "DoubleZero" targeting Ukrainian enterprises during Russia's invasion of the country. This wiper was detected as early as March 17, 2022. DoubleZero is yet another wiper...


Threat Source newsletter (March 24, 2022) — Channelling productive worry to help Ukraine

By Jon Munshaw. Welcome to this week’s edition of the Threat Source newsletter. The war in Ukraine has involved misinformation since before Russia’s ground forces invaded the country. So, it’s not really a shock that we’ve reached the stage of information warfare where deepfake...


Threat Roundup for March 18 to March 25

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between March 18 and March 25. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral...


Transparent Tribe campaign uses new bespoke malware to target Indian government officials

By Asheer Malhotra and Justin Thattil with contributions from Kendall McKay. Cisco Talos has observed a new Transparent Tribe campaign targeting Indian government and military entities. While the actors are infecting victims with CrimsonRAT, their well-known malware of choice, they are also using...


Threat Source newsletter (March 31, 2022) — Is "Fortnite" a Metaverse?

By Jon Munshaw. Welcome to this week’s edition of the Threat Source newsletter. By now, anyone on the internet has pondered the question: “Is a hot dog a sandwich?” (My two cents: Yes, absolutely.) Now as we move into the new internet age and onto Web 3.0 and NFTs instead of...


On the Radar: Is 2022 the year encryption is doomed?

By Martin Lee. Quantum technology in development by the world’s superpowers will render many current encryption algorithms obsolete overnight. When it becomes available, whoever controls this technology will be able to read almost any encrypted data or message they wish. Organizations need...


Threat Advisory: Spring4Shell

Cisco Talos is releasing coverage to protect users against the exploitation of two remote code execution vulnerabilities in Spring Framework. CVE-2022-22963 is a medium-severity bug that affects Spring Cloud, and CVE-2022-22965 is a high-severity bug that affects Spring Core Framework. Spring is a...


Beers with Talos, Ep. #119: If it walks like a BlackCat, smells like a BlackCat...

Beers with Talos (BWT) Podcast episode No. 119 is now available. Download this episode and subscribe to Beers with Talos: Apple Podcasts, Google Podcasts, Spotify, Stitcher. Recorded March 25, 2022. If iTunes and Google Play aren't your thing, click here. We're...


Threat Roundup for March 25 to April 1

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between March 25 and April 1. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...


Threat Spotlight: AsyncRAT campaigns feature new version of 3LOSH crypter

By Edmund Brumaghin, with contributions from Alex Karkins. Ongoing malware distribution campaigns are using ISO disk images to deliver AsyncRAT, LimeRAT and other commodity malware to victims. The infections leverage process injection to evade detection by endpoint security software. These campaigns...


Threat Source newsletter (April 7, 2022) — More money for cybersecurity still doesn't solve the skills gap problem

By Jon Munshaw. Welcome to this week’s edition of the Threat Source newsletter. U.S. President Joe Biden’s proposed budget would include an 11 percent increase in the federal government’s IT budget, including a total of $10.9 billion for cybersecurity. On the surface — this is all...


Threat Roundup for April 1 to April 8

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between April 1 and April 8. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...


Microsoft Patch Tuesday includes most vulnerabilities since Sept. 2020

By Jon Munshaw and Nick Biasini. Microsoft released its latest security update Tuesday, disclosing more than 140 vulnerabilities across its array of products. This is a departure from past Patch Tuesdays this year, which have only featured a few dozen vulnerabilities, and is the largest...


Threat Spotlight: "Haskers Gang" Introduces New ZingoStealer

Update (04/14/22): Following the initial publication of this blog, we observed a new post in the Haskers Gang Telegram channel announcing that ownership of the ZingoStealer project is being transferred to a new threat actor. We also observed the malware author offering to sell the source code for...


Threat Source newsletter (April 14, 2022) — It's Tax Day, and you know what that means

By Jon Munshaw. Welcome to this week’s edition of the Threat Source newsletter. The deadline to file taxes in the United States is Monday. That means a few things: everyone should probably make sure their liquor cabinet is fully stocked, your spam filters are all turned on in your email...
