Microsoft Patch Tuesday for August 2021 — Snort rules and prominent...
By Jon Munshaw, with contributions from Martin Lee. Microsoft released its monthly security update Tuesday, disclosing 44 vulnerabilities in the company's firmware and software. This is the fewest...

Talos Incident Response quarterly threat report — The top malware families...
By David Liebenberg and Caitlin Huey. Last quarter, ransomware was not the most dominant threat for the first time since we began compiling these reports. We theorized that this was due to a huge...

Signed MSI files, Raccoon and Amadey are used for installing ServHelper RAT
By Vanja Svajcer. News summary: Group TA505 has been active for at least seven years, making wide-ranging connections with other threat actors involved in ransomware, stealing credit card numbers and...

Threat Source newsletter (Aug. 12, 2021)
Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. No, that's not Ratatouille. It's ServHelper, who is much more dangerous (albeit just as cute) as the cartoon chef. We have a new...

Vice Society Leverages PrintNightmare In Ransomware Attacks
By Edmund Brumaghin, Joe Marshall, and Arnaud Zobec. Executive summary: Another threat actor is actively exploiting the so-called PrintNightmare vulnerability (CVE-2021-1675 / CVE-2021-34527) in...

Talos Takes Ep. #64: Back 2 Skool edition
By Jon Munshaw. The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. There's no shortage of...

Threat Roundup for August 6 to August 13
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Aug. 6 and Aug. 13. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead,...

Vulnerability Spotlight: Multiple integer overflow vulnerabilities in GPAC...
A Cisco Talos team member discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered multiple integer overflow vulnerabilities in the GPAC Project on Advanced Content that...

Neurevt trojan takes aim at Mexican users
By Chetan Raghuprasad, with contributions from Vanja Svajcer. News summary: Cisco Talos discovered a new version of the Neurevt trojan with spyware and backdoor capabilities in June 2021 using Cisco...

Vulnerability Spotlight: Memory corruption vulnerability in Daemon Tools Pro
Piotr Bania of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered a memory corruption vulnerability in Disc Soft Ltd.'s Daemon Tools Pro. Daemon Tools Pro...

Malicious Campaign Targets Latin America: The seller, The operator and a...
By Asheer Malhotra and Vitor Ventura, with contributions from Vanja Svajcer. Cisco Talos has observed a new malware campaign delivering commodity RATs, including njRAT and AsyncRAT. The campaign targets...

Threat Source newsletter (Aug. 19, 2021)
Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. I'm writing this on Tuesday morning on account of vacation (again), so apologies if we miss any major stories. You certainly don't...

Threat Roundup for August 13 to August 20
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Aug. 13 and Aug. 20. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead,...

Threat Source newsletter (Aug. 26, 2021)
Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. We have RATs on RATs on RATs over the past few weeks. And last week, we found a few more heading to Latin America to target users and...

Talos Takes Ep. #65: How several RAT campaigns in Latin America are connected
By Jon Munshaw. The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. As more people around the...

Threat Roundup for August 20 to August 27
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Aug. 20 and Aug. 27. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead,...

Attracting flies with Honey(gain): Adversarial abuse of proxyware
By Edmund Brumaghin and Vitor Ventura. With internet-sharing applications, or "proxyware," users download software that allows them to share a percentage of their bandwidth with other internet users...

Translated: Talos' insights from the recently leaked Conti ransomware playbook
By Caitlin Huey, David Liebenberg, Azim Khodjibaev, and Dmytro Korzhevin. Executive summary: Cisco Talos recently became aware of a leaked playbook that has been attributed to the...

Threat Source newsletter (Sept. 2, 2021)
Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. If you haven't seen already, our blog has a lot of cool and new stuff this week. We first dove into the world of proxyware on Tuesday...

Beers with Talos, Ep. #109: We have not secured our society — Or, working out...
Beers with Talos (BWT) Podcast episode No. 109 is now available. Download this episode and subscribe to Beers with Talos: Apple Podcasts, Google Podcasts, Spotify, Stitcher. If iTunes and Google Play aren't...