Threat Roundup for April 8 to April 15
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between April 8 and April 15. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead,...
TeamTNT targeting AWS, Alibaba
By Darin Smith. TeamTNT is actively modifying its scripts after they were made public by security researchers. These scripts primarily target Amazon Web Services, but can also run in on-premise,...
Beers with Talos, Ep. #120: How attackers are finding ways around MFA
Beers with Talos (BWT) Podcast episode No. 120 is now available. Download this episode and subscribe to Beers with Talos: Apple Podcasts, Google Podcasts, Spotify, Stitcher. Recorded April 6, 2022. If...
Threat Source newsletter (April 21, 2022) — Sideloading apps is as safe as...
By Jon Munshaw. Welcome to this week’s edition of the Threat Source newsletter. If you pay attention to the video game community as much as I do, you’ve been closely following the ongoing legal...
Threat Roundup for April 15 to April 22
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between April 15 and April 22. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead,...
Researcher Spotlight: Liz Waddell, CTIR practice lead
How this Talos team member’s love of true crime led to a life in cybersecurity. By Jon Munshaw. Liz Waddell is usually there on someone’s worst day of their professional lives. Chief technology...
Quarterly Report: Incident Response trends in Q1 2022
Ransomware continues as the top threat, while a novel increase in APT activity emerges. By Caitlin Huey. Ransomware was still the top threat Cisco Talos Incident Response (CTIR) saw in active...
Threat Source newsletter (April 28, 2022) — The 2022 Cybersecurity Mock Draft
By Jon Munshaw. Welcome to this week’s edition of the Threat Source newsletter that’s going to be a little different, but bear with me. In honor of the NFL Draft starting this evening — an event that...
Threat Roundup for April 22 to April 29
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between April 22 and April 29. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead,...
Vulnerability Spotlight: Two vulnerabilities in Accusoft ImageGear could lead...
Emmanuel Tacheau of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered two new vulnerabilities in Accusoft ImageGear. The ImageGear library is a...
Conti and Hive ransomware operations: What we learned from these groups'...
As part of Cisco Talos’ continuous efforts to learn more about the current ransomware landscape, we recently examined a trove of chat logs between the Conti and Hive ransomware gangs and their victims....
Mustang Panda deploys a new wave of malware targeting Europe
By Jung soo An, Asheer Malhotra and Justin Thattil, with contributions from Aliza Berk and Kendall McKay. In February 2022, corresponding roughly with the start of the Russian Invasion of Ukraine,...
Threat Source newsletter (May 5, 2022) — Emotet is using up all of its nine...
By Jon Munshaw. Welcome to this week’s edition of the Threat Source newsletter. Emotet made headlines last week for being “back” after a major international law enforcement takedown last year. But...
Threat Roundup for April 29 to May 6
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between April 29 and May 6. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead,...
Vulnerability Spotlight: Vulnerability in Alyac antivirus program could stop...
Jaewon Min of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered an out-of-bounds read vulnerability in the ESTsecurity Corp.’s Alyac antivirus software...
Talos Incident Response added to German BSI Advanced Persistent Threat...
Cisco Talos Incident Response is now listed as an approved vendor on the Bundesamt für Sicherheit in der Informationstechnik (BSI) Advanced Persistent Threat (APT) response service providers list....
Microsoft Patch Tuesday for May 2022 — Snort rules and prominent...
By Jon Munshaw, with contributions from Jaeson Schultz. Microsoft returned to its normal monthly patching volume in May, disclosing and fixing 74 vulnerabilities as part of the company’s latest...
Threat Advisory: Critical F5 BIG-IP Vulnerability
Summary: A recently disclosed vulnerability in F5 Networks' BIG-IP could allow an unauthenticated attacker to access the BIG-IP system to execute arbitrary system commands, create and delete files,...
Bitter APT adds Bangladesh to their targets
Cisco Talos has observed an ongoing malicious campaign since August 2021 from the Bitter APT group that appears to target users in Bangladesh, a change from the attackers' usual victims. As part of...
Vulnerability Spotlight: How an attacker could chain several vulnerabilities...
Francesco Benvenuto of Cisco Talos discovered these vulnerabilities. Blog by Francesco Benvenuto and Jon Munshaw. Cisco Talos recently discovered several vulnerabilities in InHand Networks’...