Quantcast
Channel: Cisco Talos Blog
Viewing all 1927 articles
Browse latest View live

Threat Roundup for April 8 to April 15

April 15, 2022, 1:04 pm
$
0
0
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between April 8 and April 15. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...

[[ This is only the beginning! Please visit the blog for the complete entry ]]
Search

TeamTNT targeting AWS, Alibaba

April 21, 2022, 11:01 am
$
0
0
By Darin Smith.TeamTNT is actively modifying its scripts after they were made public by security researchers.These scripts primarily target Amazon Web Services, but can also run in on-premise, container, or other forms of Linux instances.The group's payloads include credential stealers,...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Beers with Talos, Ep. #120: How attackers are finding ways around MFA

April 21, 2022, 9:00 am
$
0
0
Beers with Talos (BWT) Podcast episode No. 120 is now available. Download this episode and subscribe to Beers with Talos: Apple Podcasts  Google Podcasts  Spotify  StitcherRecorded April 6, 2022 If iTunes and Google Play aren't your thing, click here. The trend of...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Threat Source newsletter (April 21, 2022) — Sideloading apps is as safe as you make it

April 21, 2022, 11:00 am
$
0
0
By Jon Munshaw.  Welcome to this week’s edition of the Threat Source newsletter.  If you pay attention to the video game community as much as I do, you’ve been closely following the ongoing legal battle between Apple and Epic over the sale of “Fortnite” on the Apple App Store. (I promise...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Threat Roundup for April 15 to April 22

April 22, 2022, 1:28 pm
$
0
0
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between April 15 and April 22. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Researcher Spotlight: Liz Waddell, CTIR practice lead

April 25, 2022, 5:00 am
$
0
0
How this Talos team member’s love of true crime led to a life in cybersecurity  By Jon Munshaw.  Liz Waddell is usually there on someone’s worst day of their professional lives.  Chief technology officers and chief information security officers can hope all they want that the...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Quarterly Report: Incident Response trends in Q1 2022

April 26, 2022, 6:19 am
$
0
0
Ransomware continues as the top threat, while a novel increase in APT activity emerges By Caitlin Huey. Ransomware was still the top threat Cisco Talos Incident Response (CTIR) saw in active engagements this quarter, continuing a trend that started in 2020. As mentioned in the 2021...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Threat Source newsletter (April 28, 2022) — The 2022 Cybersecurity Mock Draft

April 28, 2022, 11:00 am
$
0
0
By Jon Munshaw.  Welcome to this week’s edition of the Threat Source newsletter that’s going to be a little different, but bear with me.  In honor of the NFL Draft starting this evening — an event that Cisco is helping to secure — I thought it’d be appropriate to look at building a...

[[ This is only the beginning! Please visit the blog for the complete entry ]]
Search

Threat Roundup for April 22 to April 29

April 29, 2022, 12:18 pm
$
0
0
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between April 22 and April 29. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Vulnerability Spotlight: Two vulnerabilities in Accusoft ImageGear could lead to DoS, arbitrary free

May 2, 2022, 11:44 am
$
0
0
Emmanuel Tacheau of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw.  Cisco Talos recently discovered two new vulnerabilities in Accusoft ImageGear.  The ImageGear library is a document-imaging developer toolkit that allows users to create, edit, annotate and convert...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Conti and Hive ransomware operations: What we learned from these groups' victim chats

May 3, 2022, 6:33 am
$
0
0
As part of Cisco Talos’ continuous efforts to learn more about the current ransomware landscape, we recently examined a trove of chat logs between the Conti and Hive ransomware gangs and their victims. Ransomware-as-a-service groups have exploded in popularity over the past few years, with these...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Mustang Panda deploys a new wave of malware targeting Europe

May 5, 2022, 2:42 pm
$
0
0
By Jung soo An, Asheer Malhotra and Justin Thattil, with contributions from Aliza Berk and Kendall McKay. In February 2022, corresponding roughly with the start of the Russian Invasion of Ukraine, Cisco Talos began observing the China-based threat actor Mustang Panda conducting phishing campaigns...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Threat Source newsletter (May 5, 2022) — Emotet is using up all of its nine lives

May 5, 2022, 11:00 am
$
0
0
By Jon Munshaw.  Welcome to this week’s edition of the Threat Source newsletter.  Emotet made headlines last week for being “back” after a major international law enforcement takedown last year. But I’m here to argue that Emotet never left, and honestly, I’m not sure it ever...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Threat Roundup for April 29 to May 6

May 6, 2022, 10:00 am
$
0
0
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between April 29 and May 6. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Vulnerability Spotlight: Vulnerability in Alyac antivirus program could stop virus scanning, cause denial of service

May 10, 2022, 7:20 am
$
0
0
Jaewon Min of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw.  Cisco Talos recently discovered an out-of-bounds read vulnerability in the ESTsecurity Corp.’s Alyac antivirus software that could cause a denial-of-service condition.   If successful, an attacker could...

[[ This is only the beginning! Please visit the blog for the complete entry ]]
Search

Talos Incident Response added to German BSI Advanced Persistent Threat response list

May 10, 2022, 5:08 pm
$
0
0
Cisco Talos Incident Response is now listed as an approved vendor on the Bundesamt für Sicherheit in der Informationstechnik (BSI) Advanced Persistent Threat (APT) response service providers list. Talos Incident Response successfully demonstrated to the BSI, through a review of our processes and a...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Microsoft Patch Tuesday for May 2022 — Snort rules and prominent vulnerabilities

May 10, 2022, 12:31 pm
$
0
0
By Jon Munshaw, with contributions from Jaeson Schultz.  Microsoft returned to its normal monthly patching volume in May, disclosing and fixing 74 vulnerabilities as part of the company’s latest security update. This month’s Patch Tuesday includes seven critical vulnerabilities after Microsoft...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Threat Advisory: Critical F5 BIG-IP Vulnerability

May 10, 2022, 12:32 pm
$
0
0
Summary A recently disclosed vulnerability in F5 Networks' BIG-IP could allow an unauthenticated attacker to access the BIG-IP system to execute arbitrary system commands, create and delete files, disable services and could lead to additional malicious activity. This vulnerability, tracked as...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Bitter APT adds Bangladesh to their targets

May 11, 2022, 5:00 am
$
0
0
Cisco Talos has observed an ongoing malicious campaign since August 2021 from the Bitter APT group that appears to target users in Bangladesh, a change from the attackers' usual victims.As part of this, there's a new trojan based on Apost Talos is calling "ZxxZ," that, among other...

[[ This is only the beginning! Please visit the blog for the complete entry ]]

Vulnerability Spotlight: How an attacker could chain several vulnerabilities in an industrial wireless router to gain root access

May 12, 2022, 5:00 am
$
0
0
Francesco Benvenuto of Cisco Talos discovered these vulnerabilities. Blog by Francesco Benvenuto and Jon Munshaw.  Cisco Talos recently discovered several vulnerabilities in InHand Networks’ InRouter302 that could allow an attacker to escalate their privileges on the targeted device from a...

[[ This is only the beginning! Please visit the blog for the complete entry ]]
Viewing all 1927 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>