Channel: Cisco Talos Blog

The evolution and abuse of proxy networks

As long as we've had the internet, users have tried to obfuscate how and what they are connecting to. In some cases, this is to work around restrictions put in place by governments or a desire to...

Something to Read When You Are On Call and Everyone Else is at the Office Party

Welcome to this week’s edition of the Threat Source newsletter. The new head of the UK’s National Cyber Security Centre, Richard Horne, recently remarked that there is a “clearly widening gap between,...

Exploring vulnerable Windows drivers

This post is the result of research into the real-world application of the Bring Your Own Vulnerable Driver (BYOVD) technique along with Cisco Talos’ series of posts about malicious Windows drivers....

Acrobat out-of-bounds and Foxit use-after-free PDF reader vulnerabilities found

Cisco Talos’ Vulnerability Research team recently disclosed three out-of-bounds read vulnerabilities in Adobe Acrobat Reader, and two use-after-free vulnerabilities in Foxit Reader. These...

Welcome to the party, pal!

Welcome to the final Threat Source newsletter of 2024. Watching "Die Hard" during the Christmas season has become a widely recognized tradition for many, despite ongoing debates about its...

Do we still have to keep doing it like this?

Welcome to the first edition of the Threat Source newsletter for 2025. Upon returning to work this week from my Lindt chocolate reindeer coma, my first task was to write this newsletter. As I stared...

Microsoft Patch Tuesday for January 2025 — Snort rules and prominent...

Microsoft has released its monthly security update for January of 2025 which includes 159 vulnerabilities, including 12 that Microsoft marked as “critical.” The remaining vulnerabilities listed are...

Slew of WavLink vulnerabilities

Lilith >_> of Cisco Talos discovered these vulnerabilities. Forty-four vulnerabilities and sixty-three CVEs were discovered across ten .cgi and three .sh files, as well as the static login page,...

Find the helpers

Welcome to this week’s edition of the Threat Source newsletter. “When I was a boy and I would see scary things in the news, my mother would say to me, ‘Look for the helpers. You will always find people...

Everything is connected to security

Welcome to this week’s edition of the Threat Source newsletter. Hello friends! Joe here again! I have just returned from the frozen northern tundra of Fargo, North Dakota. This was my first real visit...

Seasoning email threats with hidden text salting

Cisco Talos observed an increase in the number of email threats leveraging hidden text salting (also known as "poisoning") in the second half of 2024. Hidden text salting is a simple yet effective...

New TorNet backdoor seen in widespread campaign

Cisco Talos discovered an ongoing malicious campaign operated by a financially motivated threat actor since as early as July 2024 targeting users, predominantly in Poland and Germany, based on the...

Whatsup Gold, Observium and Offis vulnerabilities

Cisco Talos’ Vulnerability Research team recently disclosed three vulnerabilities in Observium, three vulnerabilities in Offis, and four vulnerabilities in Whatsup Gold. These vulnerabilities exist...

Talos IR trends Q4 2024: Web shell usage and exploitation of public-facing...

Threat actors increasingly deployed web shells against vulnerable web applications and primarily exploited vulnerable or unpatched public-facing applications to gain initial access in Q4, a notable...

Defeating Future Threats Starts Today

Welcome to this week’s edition of the Threat Source newsletter. You don’t need me to tell you that security is constantly changing and that more change is on its way. The enthusiastic adoption of new...
