Threat Roundup for October 15 to October 22
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Oct. 15 and Oct. 22. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead,...
SQUIRRELWAFFLE Leverages malspam to deliver Qakbot, Cobalt Strike
By Edmund Brumaghin, Mariano Graziano and Nick Mavis. Executive summary Recently, a new threat, referred to as "SQUIRRELWAFFLE" is being spread more widely via spam campaigns, infecting systems with a...
Quarterly Report: Incident Response trends from Q3 2021
Ransomware again dominated the threat landscape, while BEC grew By David Liebenberg and Caitlin Huey. Once again, ransomware was the most dominant threat observed in Cisco Talos Incident Response...
Threat Source newsletter (Oct. 28, 2021)
Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. Most people know about chicken and waffles. But what about squirrel and waffles? They may not be the most appetizing brunch, but they...
Threat Roundup for October 22 to October 29
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Oct. 22 and Oct. 29. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead,...
Microsoft Exchange vulnerabilities exploited once again for ransomware, this...
By Chetan Raghuprasad and Vanja Svajcer, with contributions from Caitlin Huey. Cisco Talos recently discovered a malicious campaign deploying variants of the Babuk ransomware predominantly affecting...
The features all Incident Response Plans need to have
By Paul Lee, Yuri Kramarz and Martin Lee. Adversaries are always growing their capabilities and changing their tactics, leading to a greater number of incidents and data breaches. This is supported by...
Threat Source newsletter (Nov. 4, 2021)
Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. A series of vulnerabilities in Microsoft Exchange Server made waves earlier this year for coming under attack. And while they've come...
Threat Roundup for October 29 to November 5
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Oct. 29 and Nov. 5. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead,...
Cisco Talos finds 10 vulnerabilities in Azure Sphere’s Linux kernel, Security...
By Claudio Bozzato and Lilith [-_-];. Following our previous engagements (see blog posts 1, 2, 3 and 4) with Microsoft's Azure Sphere IoT platform, we decided to take another look at the device,...
Microsoft Patch Tuesday for Nov. 2021 — Snort rules and prominent...
By Jon Munshaw and Tiago Pereira. Microsoft released its monthly security update Tuesday, disclosing 56 vulnerabilities in the company’s various software, hardware and firmware offerings, including...
North Korean attackers use malicious blogs to deliver malware to high-profile...
By Jung soo An and Asheer Malhotra, with contributions from Kendall McKay. Cisco Talos has observed a new malware campaign operated by the Kimsuky APT group since June 2021. Kimsuky, also known as...
Threat Source newsletter (Nov. 11, 2021)
Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. It's important to be proactive, and not reactive, with your security. It's always better to see the worst coming and block it than...
Talos Takes Ep. #76: What is Kimsuky phishing around for?
By Jon Munshaw. The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. Blog posts aren't just for...
Threat Roundup for November 5 to November 12
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Nov. 5 and Nov. 12. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead,...
Vulnerability Spotlight: Vulnerabilities in Lantronix PremierWave 2050 could...
Matt Wiseman discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered multiple vulnerabilities in Lantronix’s PremierWave 2050, an embedded Wi-Fi module. There are...
Attackers use domain fronting technique to target Myanmar with Cobalt Strike
By Chetan Raghuprasad, Vanja Svajcer and Asheer Malhotra. News Summary Cisco Talos discovered a new malicious campaign using a leaked version of Cobalt Strike in September 2021. This shows that Cobalt...
Talos’ tips for staying safe while shopping online this holiday season
By Jon Munshaw. Attackers will resort to all tactics to trick users into downloading malware, handing over credit card data or completely compromising their machine. No topic is off-limits, and...
Vulnerability Spotlight: Use-after-free vulnerability in Google Chrome could...
Marcin Towalski of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered an exploitable use-after-free vulnerability in Google Chrome. Google Chrome is a...
Vulnerability Spotlight: Multiple code execution vulnerabilities in LibreCAD
Lilith >_> of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered three vulnerabilities in LibreCAD’s libdxfrw open-source library. This library...