Microsoft Patch Tuesday for June 2020 — Snort rules and prominent...
By Jon Munshaw. Microsoft released its monthly security update Tuesday, disclosing more than 120 vulnerabilities across its array of products. While none of the vulnerabilities disclosed have been...
Vulnerability Spotlight: Remote code execution vulnerability in Firefox’s...
Marcin “Icewall” Noga of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. The Mozilla Firefox web browser contains a vulnerability in its SharedWorkerService function that could allow an...
Vulnerability Spotlight: Two code execution vulnerabilities in Microsoft Excel
Marcin “Icewall” Noga of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos researchers recently discovered two code execution vulnerabilities in Microsoft Excel. Microsoft...
Threat Source newsletter for June 11, 2020
Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. We are back this week with new content, mainly around Microsoft Patch Tuesday. We have our complete breakdown of all the vulns here,...
Tor2Mine is up to their old tricks — and adds a few new ones
By Kendall McKay and Joe Marshall. Threat summary: Cisco Talos has identified a resurgence of activity by Tor2Mine, a cryptocurrency mining group that was likely last active in 2018. Tor2Mine is...
Beers with Talos Ep. #83: The In-between, Vol. 4
Beers with Talos (BWT) Podcast episode No. 83 is now available. Download this episode and subscribe to Beers with Talos: If iTunes and Google Play aren't your thing, click here. By Mitch Neff. Recorded...
Threat Roundup for June 5 to June 12
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between June 5 and June 12. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead,...
Quarterly report: Incident Response trends in Summer 2020
By David Liebenberg and Caitlin Huey. For the fourth quarter in a row, Ryuk dominated the threat landscape in incident response. As we mentioned in last quarter’s report, Ryuk has shifted from relying...
Updates to Snort setup guides
Our documentation on Snort 3 running on CentOS and the Snort Rules Writing guide to Snort 3. Thanks to community member Yaser for providing the updates. The Snort 3 guide now has expanded information...
Threat Roundup for May 29 to June 5
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between May 29 and June 5. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this...
Beers with Talos Ep. #84: Mid-career advancement in cyber security
Beers with Talos (BWT) Podcast episode No. 84 is now available. Download this episode and subscribe to Beers with Talos: If iTunes and Google Play aren't your thing, click here. By Mitch Neff. Recorded...
Threat Source newsletter for June 18, 2020
Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. Now that Cisco Live is over, you can access both of Talos’ talks on-demand here if you registered for the online event. The latest...
IndigoDrop spreads via military-themed lures to deliver Cobalt Strike
By Asheer Malhotra. Cisco Talos has observed a malware campaign that utilizes military-themed malicious Microsoft Office documents (maldocs) to spread Cobalt Strike beacons containing full-fledged RAT...
Cisco Talos replacing all mentions of 'blacklist,' 'whitelist'
There are many ways to respond to injustice, both large and small, but each response is important. While we acknowledge it is a small change, Cisco Talos is moving to replace our use of the terms...
Vulnerability Spotlight: Denial-of-service vulnerability in NVIDIA driver
Piotr Bania of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Executive summary: The NVWGF2UMX_CFG.DLL driver contains a denial-of-service vulnerability that an attacker could use to...
Threat Source newsletter for June 25, 2020
Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. We recently decided to replace our use of the terms "blacklist" and "whitelist" with "block list" and "allow list." Even though these...
Threat Roundup for June 19 to June 26
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between June 19 and June 26. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead,...
Beers with Talos Ep. #85: The In-Between, Vol. 5
Beers with Talos (BWT) Podcast episode No. 85 is now available. Download this episode and subscribe to Beers with Talos: If iTunes and Google Play aren't your thing, click here. By Mitch Neff. Recorded...
PROMETHIUM extends global reach with StrongPity3 APT
By Warren Mercer, Paul Rascagneres and Vitor Ventura. News summary: The threat actor behind StrongPity is not deterred despite being exposed multiple times over the past four years. They continue to...
Threat Spotlight: Valak Slithers Its Way Into Manufacturing and...
By Nick Biasini, Edmund Brumaghin and Mariano Graziano. Threat summary Attackers are actively distributing the Valak malware family around the globe, with enterprises, in particular, being...