Channel: Cisco Talos Blog

Everyone's on the cyber target list

Welcome to this week’s edition of the Threat Source newsletter. I’ve discovered that being a rent guarantor for someone is an involved experience. While I’m glad that I can help out a loved one secure...

Microsoft Patch Tuesday for June 2025 — Snort rules and prominent...

Microsoft has released its monthly security update for June 2025, which includes 66 vulnerabilities affecting a range of products, including 10 that Microsoft marked as “critical.” In this month's...

catdoc zero-day, NVIDIA, High-Logic FontCreator and Parallel vulnerabilities

Cisco Talos’ Vulnerability Discovery & Research team recently disclosed three zero-day vulnerabilities in catdoc, as well as vulnerabilities in Parallel, NVIDIA and High-Logic FontCreator 15. The...

Know thyself, know thy environment

Welcome to this week’s edition of the Threat Source newsletter. This week, I'm coming to you from Cisco Live in San Diego where I've just talked to a room that some of you may have been in, so writing...

Famous Chollima deploying Python version of GolangGhost RAT

In May 2025, Cisco Talos identified a Python-based remote access trojan (RAT) we call “PylangGhost,” used exclusively by a North Korean-aligned threat actor. PylangGhost is functionally similar to the...

When legitimate tools go rogue

Late one Tuesday night, Elena’s phone buzzed with an alert from her company’s SIEM. Her team had set up a rule to flag when certain system tools — whoami, nltest and nslookup — were run one after another...

A week with a "smart" car

Welcome to this week’s edition of the Threat Source newsletter. June 9 was Whit Monday — a bank holiday here in Germany — so I decided to take the whole week off. It turned out to be the perfect...

Cybercriminal abuse of large language models

Cybercriminals are continuing to explore artificial intelligence (AI) technologies such as large language models (LLMs) to aid in their criminal hacking activities. Some cybercriminals have resorted to...

Decrement by one to rule them all: AsIO3.sys driver exploitation

Introduction: Armory Crate and AI Suite are applications used to manage and monitor ASUS motherboards and related components such as the processor, RAM or the increasingly popular RGB lighting. These...

Getting a career in cybersecurity isn’t easy, but this can help

Welcome to this week’s edition of the Threat Source newsletter. Happy summer, friends! I hope everyone is staying cool and/or warm. I am fresh back from an exhaustive but great time in San Diego at...

PDFs: Portable documents, or perfect deliveries for phish?

Cisco recently developed and released an update to its brand impersonation detection engine for emails. This new update enhances detection coverage and includes a wider range of brands that are...

A message from Bruce the mechanical shark

Welcome to this week’s edition of the Threat Source newsletter. Hi, I’m Bruce, the 25-foot mechanical star of “Jaws.” This summer marks 50 years since my 4 minutes of screentime kept people out of the...

Microsoft Patch Tuesday for July 2025 — Snort rules and prominent...

Microsoft has released its monthly security update for July 2025, which includes 132 vulnerabilities affecting a range of products, including 14 that Microsoft marked as “critical.” In this month's...

Asus and Adobe vulnerabilities

Cisco Talos’ Vulnerability Discovery & Research team recently disclosed two vulnerabilities each in Asus Armoury Crate and Adobe Acrobat products. The vulnerabilities mentioned in this blog post...

Patch, track, repeat

Welcome to this week’s edition of the Threat Source newsletter. We’ve made it halfway through 2025 already! It’s been a while since I last wrote about CVEs and how free support for Windows 10 will end...
