Clik here to view.
Microsoft Patch Tuesday for April 2025 — Snort rules and prominent...
Microsoft has released its monthly security update for April of 2025 which includes 126 vulnerabilities affecting a range of products, including 11 that Microsoft marked as “critical”. In this month's...
View ArticleClik here to view.
Unraveling the U.S. toll road smishing scams
Cisco Talos has observed a widespread and ongoing financial theft SMS phishing (smishing) campaign since October 2024 that targets toll road users in the United States of America. We observed that the...
View ArticleClik here to view.
Threat actors thrive in chaos
Welcome to this week’s edition of the Threat Source newsletter. If there’s one thing that threat actors love, it’s chaos. Headlines in the news that provoke an emotional response make excellent...
View ArticleClik here to view.
Year in Review: The biggest trends in ransomware
This week, our Year in Review spotlight is on ransomware—where low-profile tactics led to high-impact consequences.Ransomware operators often prioritized stealth over complexity for initial access....
View ArticleClik here to view.
Eclipse and STMicroelectronics vulnerabilities
Cisco Talos’ Vulnerability Discovery & Research team recently disclosed three vulnerabilities found in Eclipse ThreadX and four vulnerabilities in STMicroelectronics. The vulnerabilities...
View ArticleClik here to view.
Unmasking the new XorDDoS controller and infrastructure
Cisco Talos observed an existing distributed denial-of-service (DDoS) malware known as XorDDoS, continuing to spread globally between November 2023 and February 2025. A significant finding shows that...
View ArticleClik here to view.
Care what you share
Welcome to this week’s edition of the Threat Source newsletter. As we navigate our daily routines, certain tasks become second nature to us, especially if they are integral to our professions. However,...
View ArticleClik here to view.
Year in Review: Attacks on identity and MFA
For our third focussed topic for Talos' 2024 Year in Review, we tell the story of how identity has become the pivot point for adversarial campaigns.The main themes of this story are credential abuse,...
View ArticleClik here to view.
Introducing ToyMaker, an Initial Access Broker working in cahoots with double...
In 2023, Cisco Talos discovered an extensive compromise in a critical infrastructure enterprise consisting of a combination of threat actors.From initial access to double extortion, these actors slowly...
View ArticleClik here to view.
Lessons from Ted Lasso for cybersecurity success
Welcome to this week’s edition of the Threat Source newsletter. "Be curious, not judgmental," Ted Lasso says, misattributing Walt Whitman. We forgive Ted because... well, he's Ted Lasso. If you’ve not...
View ArticleClik here to view.
IR Trends Q1 2025: Phishing soars as identity-based attacks persist
Phishing attacks spiked this quarter as threat actors leveraged this method of initial access in half of all engagements, a vast increase from previous quarters. Conversely, the use of valid accounts...
View ArticleClik here to view.
Year in Review: AI based threats
2024 wasn't the year that AI rewrote the cybercrime playbook — but it did turbocharge some of the old tricks. In Cisco Talos' 2024 Year in Review, with the help of our friends at Robust Intelligence...
View ArticleClik here to view.
State-of-the-art phishing: MFA bypass
Cybercriminals are bypassing multi-factor authentication (MFA) using adversary-in-the-middle (AiTM) attacks via reverse proxies, intercepting credentials and authentication cookies. The developers...
View ArticleClik here to view.
Understanding the challenges of securing an NGO
Welcome to this week’s edition of the Threat Source newsletter. Recently, I was invited to sit on a panel at the CIO4Good Conference here in Washington D.C., where I talked about incident response and...
View ArticleClik here to view.
Proactive threat hunting with Talos IR
At Cisco Talos, we understand that effective cybersecurity isn’t just about responding to incidents — it’s about preventing them from happening in the first place. One of the most powerful ways we do...
View Article