Clik here to view.
Gamaredon APT targets Ukrainian government agencies in new campaign
By Asheer Malhotra and Guilherme Venere.Cisco Talos recently identified a new, ongoing campaign attributed to the Russia-linked Gamaredon APT that infects Ukrainian users with information-stealing...
View ArticleClik here to view.
Threat Source newsletter (Sept. 15, 2022) — Why there is no one-stop-shop...
By Jon Munshaw. Welcome to this week’s edition of the Threat Source newsletter. Public schools in the United States already rely on our teachers for so much — they have to be educators, occasional...
View ArticleClik here to view.
Threat Roundup for September 9 to September 16
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Sept. 9 and Sept. 16. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead,...
View ArticleClik here to view.
Our current world, health care apps and your personal data
What does your autonomy mean to you?By Ashlee Benge and Jonathan Munshaw.After the recent Supreme Court ruling in Dobbs v. Jackson Women's Health Organization, the use of third-party apps to track...
View ArticleClik here to view.
Vulnerability Spotlight: Vulnerabilities in popular library affect Unix-based...
Lilith >_> of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered a memory corruption vulnerability in the uClibC library that could affect any Unix-based devices that...
View ArticleClik here to view.
Insider Threats: Your employees are being used against you
By Nick Biasini.Insider threats are becoming an increasingly common part of the attack chain, with malicious insiders and unwitting assets playing key roles in incidents over the past year.Social...
View ArticleClik here to view.
Threat Source newsletter (Sept. 22, 2022) — Attackers are already using...
By Jon Munshaw. Welcome to this week’s edition of the Threat Source newsletter. We’ve seen attackers capitalize on the news time and again, from COVID-19 to U.S.-North Korea relationships and, of...
View ArticleClik here to view.
Threat Roundup for September 16 to September 23
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Sept. 16 and Sept. 23. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead,...
View ArticleClik here to view.
New campaign uses government, union-themed lures to deliver Cobalt Strike...
By Chetan Raghuprasad and Vanja Svajcer.Cisco Talos discovered a malicious campaign in August 2022 delivering Cobalt Strike beacons that could be used in later, follow-on attacks.Lure themes in the...
View ArticleClik here to view.
Threat Source newsletter (Sept. 29, 2022) — Personal health apps are...
By Jon Munshaw. Welcome to this week’s edition of the Threat Source newsletter. I’ve spent the past few months with my colleague Ashlee Benge looking at personal health apps’ privacy policies. We found...
View ArticleClik here to view.
Threat Roundup for September 23 to September 30
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Sept. 23 and Sept. 30. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead,...
View ArticleClik here to view.
Threat Advisory: Microsoft warns of actively exploited vulnerabilities in...
Cisco Talos has released new coverage to detect and prevent the exploitation of two recently disclosed vulnerabilities collectively referred to as "ProxyNotShell," affecting Microsoft Exchange Servers...
View ArticleClik here to view.
Researcher Spotlight: Globetrotting with Yuri Kramarz
From the World Cup in Qatar to robotics manufacturing in east Asia, this incident responder combines experience from multiple arenas By Jon Munshaw. Yuri “Jerzy” Kramarz helped secure everything from...
View ArticleClik here to view.
Developer account body snatchers pose risks to the software supply chain
By Jaeson Schultz.Over the past several years, high-profile software supply chain attacks have increased in frequency. These attacks can be difficult to detect and source code repositories became a key...
View ArticleClik here to view.
Threat Source newsletter (Oct. 6, 2022) — Continuing down the Privacy Policy...
By Jon Munshaw. Welcome to this week’s edition of the Threat Source newsletter. As I wrote about last week, I’ve been diving a lot into apps’ privacy policies recently. And I was recently made aware of...
View ArticleClik here to view.
Vulnerability Spotlight: Issue in Hancom Office 2020 could lead to code...
Marcin “Icewall” Noga of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered an exploitable memory corruption vulnerability in Hancom Office 2020. Hancom...
View ArticleClik here to view.
Threat Roundup for September 30 to October 7
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Sept. 30 and Oct. 7. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead,...
View ArticleClik here to view.
Vulnerability Spotlight: Data deserialization in VMware vCenter could lead to...
Marcin “Icewall” Noga of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered an exploitable data deserialization vulnerability in the VMware vCenter server...
View ArticleClik here to view.
Microsoft Patch Tuesday for October 2022 — Snort rules and prominent...
By Jon Munshaw and Vanja Svajcer.Microsoft released its monthly security update Tuesday, disclosing 83 vulnerabilities across the company’s hardware and software line, including seven critical issues...
View ArticleClik here to view.
Vulnerability Spotlight: Multiple issues in Robustel R1510 cellular router...
Francesco Benvenuto of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered nine vulnerabilities in the Robustel R1510 industrial cellular router, several...
View Article