Channel: Cisco Talos Blog
Browsing all 1947 articles

The benefits of taking an intent-based approach to detecting Business Email...

BEC is a multi-stage attack. Adversaries first identify targets, then they establish rapport with the victim before exploiting them for whatever their end goal is. In the case of BEC, a threat actor...


Vulnerability Spotlight: Vulnerabilities in Abode Systems home security kit...

Matt Wiseman of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered several vulnerabilities in the Abode Systems iota All-In-One Security Kit. This kit includes a main security...


Threat Source newsletter (Oct. 20, 2022) — Shields Up! No seriously, Shields...

By Jon Munshaw. Welcome to this week’s edition of the Threat Source newsletter. I’m very excited about this video — it’s a project I’ve been working on with my team for a while now. Building off what...


Quarterly Report: Incident Response Trends in Q3 2022

Ransomware and pre-ransomware engagements make up 40 percent of threats seen this quarter. For the first time since compiling these reports, Cisco Talos Incident Response saw an equal number of...


Vulnerability Spotlight: Vulnerabilities in InHand router could give...

Francesco Benvenuto of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered several vulnerabilities in InHand Networks’ InRouter302 that could allow an attacker to access the...


Threat Source newsletter (Oct. 27, 2022): I thought we were already aware of...

Welcome to this week’s edition of the Threat Source newsletter. There are plenty of jokes about whether we’re “aware” of cybersecurity during National Cybersecurity Awareness Month. But now I’m...


See Yourself in Cyber: A Cybersecurity Awareness Month recap

As yet another October comes to an end, so does another Cybersecurity Awareness Month. Since 2004 when the President of the United States and Congress declared October Cybersecurity Awareness Month,...


Threat Roundup for October 21 to October 28

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Oct. 21 and Oct. 28. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead,...


Researcher Spotlight: How Azim Khodjibaev went from hunting real-world...

A case study in why cybersecurity experience is not a prerequisite to work in security. Azim Khodjibaev knows all sides of the “security” industry. That doesn’t just cover cybersecurity, either — he spent...


Threat Advisory: High Severity OpenSSL Vulnerabilities

In late October two new buffer overflow vulnerabilities, CVE-2022-3602 and CVE-2022-3786, were announced in OpenSSL versions 3.0.0 to 3.0.6. These vulnerabilities can be exploited by sending an X.509...


Threat Source newsletter (Nov. 3, 2022): Mastadon, evolution, and LiveJournal...

Welcome to this week’s edition of the Threat Source newsletter. I’m fascinated by how things live and die on the internet. Things that are ubiquitous to our daily lives are simply gone the next....


Threat Roundup for October 28 to November 4

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Oct. 28 and Nov. 4. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead,...


The Company You Keep – Preparing for supply chain attacks with Talos IR

Given the increasing frequency of supply chain attacks, the sophistication of those attacks, and the expansion of the attack surface beyond an organization’s direct control, incident preparedness and...


Emotet coming in hot

Emotet is a ubiquitous and well-known banking trojan that has evolved over the years to become a very successful modular botnet capable of dropping a variety of other threats. Even after a global...


Microsoft Patch Tuesday for November 2022 — Snort rules and prominent...

Microsoft released its monthly security update on Tuesday, disclosing 62 vulnerabilities. Of these vulnerabilities, 8 are classified as “Critical” and the rest are classified as “Important.” Three of...


Threat Spotlight: Cyber Criminal Adoption of IPFS for Phishing, Malware...

The InterPlanetary File System (IPFS) is an emerging Web3 technology that is currently seeing widespread abuse by threat actors. Cisco Talos has observed multiple ongoing campaigns that leverage the...


Vulnerability Spotlight: Use-after-free vulnerabilities in Foxit Reader could...

Aleksandar Nikolic of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered several use-after-free vulnerabilities in Foxit Reader that could lead to arbitrary code execution. The...


Threat Source newsletter (Nov. 10, 2022): Vulnerability research, movies in...

Welcome to this week’s edition of the Threat Source newsletter. Tuesday was an absolute hammer for the infosec community. Not only did we have the US elections but we had Emotet returning and a regular...


Vulnerability Spotlight: Microsoft Office class attribute double-free...

Marcin ‘Icewall’ Noga of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered a class attribute double-free vulnerability in Microsoft Office. Microsoft Office is a suite of...


Get a Loda This: LodaRAT meets new friends

LodaRAT samples were deployed alongside other malware families, including RedLine and Neshta. Cisco Talos identified several variants and altered versions of LodaRAT with updated functionality have been...
