Threat Roundup for December 3 to December 10
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Dec. 3 and Dec. 10. As with previous roundups, this post isn't meant tobifj be an in-depth analysis. Instead,...
View ArticleTalos Takes Ep. #80: I'll have a blue Christmas without a CTIR retainer
By Jon Munshaw. The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. It's the holiday season,...
View ArticleThreat Advisory: Critical Apache Log4j vulnerability being exploited in the wild
Note: Talos is continuing to update this post with additional coverage and information as it becomes available Update, Dec. 11, 2021: As more potential attack scenarios are identified, it is important...
View ArticleBeers with Talos, Ep. #112: A new host approaches!
Beers with Talos (BWT) Podcast episode No. 112 is now available. Download this episode and subscribe to Beers with Talos: Apple Podcasts Google Podcasts Spotify StitcherIf iTunes and Google Play...
View ArticleThreat Source Newsletter (Dec. 16, 2021)
Newsletter compiled by Jon Munshaw.Good afternoon, Talos readers. I'm just going to cut to the chase since I know all anyone wants to read about is Log4J. For the latest Talos research, continually...
View ArticleVulnerability Spotlight: Vulnerabilities in metal detector peripheral could...
Matt Wiseman of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered multiple vulnerabilities in a device from Garrett Metal Detectors that could allow...
View ArticleVulnerability Spotlight: Vulnerabilities in DaVinci Resolve video editing...
A Cisco Talos team member discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered two vulnerabilities in the DaVinci Resolve video editing software that could allow an...
View Article2021: Looking back on the year in malware and cyber attacks, from SolarWinds...
By Jon Munshaw. It seems like we were just recovering from the aftermath of the massive SolarWinds campaign a month or two ago. And now suddenly, it’s been a year since one of the largest cyber attacks...
View ArticleThreat Source Newsletter (Jan. 6, 2022)
Newsletter compiled by Jon Munshaw.Good afternoon, Talos readers. We hope everyone had some well-deserved, relaxing time off over the holidays. Unfortunately, we are all back now and Log4j is still...
View ArticleThreat Roundup for December 31 to January 7
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Dec. 31 and Jan. 7. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead,...
View ArticleVulnerability Spotlight: Buffer overflow vulnerability in AnyCubic Chitubox...
Carl Hurd of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered an exploitable heap-based buffer overflow vulnerability in the Chitubox AnyCubic plugin....
View ArticleVulnerability Spotlight: Heap buffer overflow condition in Google Chrome...
Marcin Towalski of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered an exploitable heap-based buffer overflow vulnerability in Google Chrome. Google...
View ArticleVulnerability Spotlight: Two vulnerabilities in Adobe Acrobat DC could lead...
Aleksandar Nikolic of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered two vulnerabilities in Adobe Acrobat Reader DC that could allow an attacker to...
View ArticleMicrosoft Patch Tuesday for Jan. 2022 — Snort rules and prominent...
By Jon Munshaw and Vitor Ventura. Microsoft released its monthly security update Tuesday, disclosing 102 vulnerabilities across its large collection of hardware and software. This is the largest...
View ArticleNanocore, Netwire and AsyncRAT spreading campaign uses public cloud...
By Chetan Raghuprasad and Vanja Svajcer. Cisco Talos discovered a malicious campaign in October 2021 delivering variants of Nanocore, Netwire and AsyncRATs targeting user's information. According to...
View ArticleBeers with Talos, Ep. #114: And then there were two...
Beers with Talos (BWT) Podcast episode No. 114 is now available. Download this episode and subscribe to Beers with Talos: Apple Podcasts Google Podcasts Spotify StitcherRecorded Dec. 9, 2021. If...
View ArticleThreat Source Newsletter (Jan. 13, 2022)
Newsletter compiled by Jon Munshaw.Good afternoon, Talos readers. Move out of the way, Log4j! Traditional malware is back with a bang in 2022. While Log4j is likely still occupying many defenders'...
View ArticleTalos Takes Ep. #82: Log4j followed us in 2022
By Jon Munshaw. The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. It's a new year, but...
View ArticleThreat Roundup for January 7 to January 14
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Jan. 7 and Jan. 14. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead,...
View ArticleThreat Source Newsletter (Jan. 20, 2022)
Newsletter compiled by Jon Munshaw.Good afternoon, Talos readers. Even though we're nearly a month into 2022, we're still not quite ready to move on from 2021. That's why next week, we'll be going...
View Article