Channel: Cisco Talos Blog
Browsing all 1948 articles

CRAT wants to plunder your endpoints

By Asheer Malhotra. Cisco Talos has observed a new version of a remote access trojan (RAT) family known as CRAT. Apart from the prebuilt RAT capabilities, the malware can download and deploy additional...


Threat Source newsletter (Nov. 12, 2020)

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers.  We’re back after a few-week hiatus! And to celebrate, we just dropped some new research on the CRAT trojan that’s bringing some...


Vulnerability Spotlight: Multiple vulnerabilities in Pixar OpenUSD affects...

Aleksandar Nikolic of Cisco Talos discovered these vulnerabilities. Blog by Aleksandar Nikolic and Jon Munshaw. Pixar OpenUSD contains multiple vulnerabilities that attackers could exploit to carry out...


Threat Roundup for November 6 to November 13

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Nov. 6 and Nov. 13. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead,...


Nibiru ransomware variant decryptor

Nikhil Hegde developed this tool. Weak encryption: The Nibiru ransomware is a .NET-based malware family. It traverses directories in the local disks, encrypts files with Rijndael-256 and gives them a...


Back from vacation: Analyzing Emotet’s activity in 2020

By Nick Biasini, Edmund Brumaghin, and Jaeson Schultz. Emotet is one of the most heavily distributed malware families today. Cisco Talos observes large quantities of Emotet emails being sent to...


Threat Source newsletter (Nov. 19, 2020)

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. In case you hadn’t already realized, Snort somehow became a meme this week, so that was fun. As 2020 (finally...or already...I can’t...


Threat Roundup for November 13 to November 20

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Nov. 13 and Nov. 20. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead,...


Vulnerability Spotlight: Multiple vulnerabilities in WebKit

Marcin “Icewall” Noga of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Executive summary: The WebKit browser engine contains multiple vulnerabilities in various functions of the...


Xanthe - Docker aware miner

By Vanja Svajcer with contributions from Adam Pridgen. News summary: Ransomware attacks and big-game hunting making the headlines, but adversaries use plenty of other methods to monetize their efforts in...


Beers with Talos Ep. #96: The boogeyman and QR codes

Beers with Talos (BWT) Podcast episode No. 96 is now available. Download this episode and subscribe to Beers with Talos: Apple Podcasts, Google Podcasts, Spotify, Stitcher. If iTunes and Google Play aren't...


Vulnerability Spotlight: DoS, code execution vulnerabilities in EIP Stack...

Martin Zeiser and Jared Rittle of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Executive summary: Cisco Talos recently discovered two vulnerabilities in the Ethernet/IP function of...


Threat Source newsletter (Dec. 3, 2020)

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers.  While ransomware has made all the headlines this year, that doesn’t mean cryptocurrency miners are going anywhere. We recently...


Threat Roundup for November 27 to December 4

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Nov. 27 and Dec. 4. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead,...


Microsoft Patch Tuesday (Dec. 2020) — Snort rules and notable vulnerabilities

By Jon Munshaw, with contributions from Bill Largent.  Microsoft released its monthly security update Tuesday, disclosing 58 vulnerabilities across its suite of products, the lowest number of...


Vulnerability Spotlight: Code execution vulnerability in Microsoft Excel

Marcin “Icewall” Noga of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered a code execution vulnerability in some versions of Microsoft Excel. An attacker...


Vulnerability Spotlight: Remote code execution vulnerabilities in Schneider...

Alexander Perez-Palma and Jared Rittle of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered two code execution vulnerabilities in Schneider Electric...


Quarterly Report: Incident Response trends from Fall 2020

By David Liebenberg and Caitlin Huey.  For the sixth quarter in a row, Cisco Talos Incident Response (CTIR) observed ransomware dominating the threat landscape. However, for the first quarter since we...


Vulnerability Spotlight: Multiple vulnerabilities in Foxit PDF Reader...

Aleksandar Nikolic of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Executive summary: Cisco Talos recently discovered multiple vulnerabilities in Foxit PDF Reader’s JavaScript...


FireEye Breach Detection Guidance

Cyber security firm FireEye recently disclosed an incident that was reported to have resulted in the inadvertent disclosure of various internally developed offensive security tools (OSTs) that were...
