Threat Roundup for February 18 to February 25
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Feb. 18 and Feb. 25. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead,...
Vulnerability Spotlight: Vulnerabilities in Gerbv could lead to code...
Claudio Bozzato of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered multiple vulnerabilities in the Gerbv file viewing software that could allow an...
Threat Advisory: HermeticWiper
Update 2/26/2022: Additional details added to embedded resources section, specifically around driver usage. Update 2/25/2022: During additional investigation Cisco Talos has found that, in some cases,...
Threat Advisory: Cyclops Blink
Update 2/25/2022: In our ongoing research into activity surrounding Ukraine and in cooperation with Cisco Duo data scientists Talos discovered compromised MikroTik routers inside of Ukraine being...
Current executive guidance for ongoing cyberattacks in Ukraine
Please note that all Indicators of Compromise (IOCs) associated with the ongoing activity in Ukraine can be found in the WhisperKill and HermeticWiper blogs respectively. Update 2/26/2022: As part of...
Vulnerability Spotlight: Vulnerabilities in Lansweeper could lead to...
Marcin “Icewall” Noga of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered multiple vulnerabilities in the Lansweeper IT asset management solution that...
Crowd-sourced attacks present new risk of crisis escalation
By Matt Olney. An unpredictable and largely unknown set of actors present a threat to organizations, despite their sometimes unsophisticated techniques. Customers who are typically focused on top-tier,...
Threat Roundup for February 25 to March 4
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Feb. 25 and March 4. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead,...
Current executive guidance for ongoing cyberattacks in Ukraine
Read this blog post in 日本語 (Japanese) Cyber threat activity against Ukraine, and around the world, has long been a central focus of our work. We continue to monitor the Ukraine-Russia situation by...
Cisco stands on guard with our customers in Ukraine
As the Russia-led invasion intensifies, Ukraine is being attacked by bombs and bytes. Cisco is working around the clock on a global, company-wide effort to protect our customers there and ensure that...
Deep dive: Vulnerabilities in ZTE router could lead to complete attacker...
Cisco Talos’ vulnerability research team disclosed multiple vulnerabilities in the ZTE MF971R wireless hotspot and router in October. Several months removed from that disclosure and ZTE’s patch, we...
Microsoft Patch Tuesday for March 2022 — Snort rules and prominent...
By Jon Munshaw and Edmund Brumaghin. Microsoft released another relatively light security update Tuesday, disclosing 71 vulnerabilities, including fixes for issues in Azure and the Office suite of...
Threat advisory: Cybercriminals compromise users with malware disguised as...
Executive summary Opportunistic cybercriminals are attempting to exploit Ukrainian sympathizers by offering malware purporting to be offensive cyber tools to target Russian entities. Once downloaded,...
Iranian linked conglomerate MuddyWater comprised of regionally focused subgroups
By Asheer Malhotra, Vitor Ventura and Arnaud Zobec. Cisco Talos has observed new cyber attacks targeting Turkey and other Asian countries we believe with high confidence are from groups operating under...
Talos Threat Source newsletter (March 10, 2022) — Fake social media posts...
By Jon Munshaw. Welcome to this week’s edition of the Threat Source newsletter — complete with a new format and feel. First off, it goes without saying, but we’re all heartbroken by the crisis...
Threat Roundup for March 4 to March 11
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between March 4 and March 11. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead,...
Threat Advisory: Opportunistic cyber criminals take advantage of Ukraine...
By Edmund Brumaghin, with contributions from Jonathan Byrne, Perceo Lemos and Vasileios Koutsoumpogeras. Executive Summary Since the beginning of the war in Ukraine, we have observed threat actors...
Beers with Talos, Ep. #118: Reflecting on the current situation in Ukraine
Beers with Talos (BWT) Podcast episode No. 118 is now available. Download this episode and subscribe to Beers with Talos: Apple Podcasts, Google Podcasts, Spotify, Stitcher. Recorded March 7, 2022. If...
Threat Advisory: CaddyWiper
Overview Cybersecurity company ESET disclosed another Ukraine-focused wiper dubbed "CaddyWiper" on March 14. This wiper is relatively smaller than previous wiper attacks we've seen in Ukraine such as...
Preparing for denial-of-service attacks with Talos Incident Response
By Yuri Kramarz. Over the years, several extortion-style and politically motivated denial-of-service attacks increased and still pose a threat to businesses and organizations of any size that can find...