Channel: Cisco Talos Blog
Browsing all 1948 articles

Threat Round up for December 9 to December 16

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Dec. 9 and Dec. 16. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead,...


Threat Spotlight: XLLing in Excel - threat actors using malicious add-ins

Microsoft is phasing out support for executing VBA macros in downloaded Office documents. Cisco Talos investigates another vector for introduction of malicious code to Microsoft Excel—malicious add-ins,...


Vulnerability Spotlight: Authentication bypass and enumeration...

Dave McDaniel and other members of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered two vulnerabilities in Ghost CMS, one authentication bypass vulnerability and one...


Vulnerability Spotlight: OpenImageIO file processing issues could lead to...

Lilith >_> of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered nineteen vulnerabilities in OpenImageIO, an image processing library, which could lead to sensitive...


Threat Source newsletter (Jan. 5, 2023): Digging out of our inboxes

Happy New Year and welcome to this week's edition of the Threat Source newsletter. We can’t tell if it’s the fog from Lurene’s deadly eggnog or dare we say pure rest and relaxation but we’re still...


APT Topic Summary Report: Cisco Talos Year in Review 2022

State-sponsored or state-aligned advanced persistent threats (APTs) adapted to the changing geopolitical landscape in 2022. Cisco Talos observed several offensive cyber campaigns linked to several...


Vulnerability Spotlight: Asus router access, information disclosure, denial...

Lilith >_> of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered three vulnerabilities in Asus router software. The Asus RT-AX82U router is one of the newer Wi-Fi 6...


Increasing trust, commitment, and predictability during a remote incident...

Authors: Gergana Karadzhova, Joe Schumacher, Pawel Bosek. In this blog post, Cisco Talos Incident Response (Talos IR) presents some of the key benefits of remote IR support and offers a list of...


Microsoft Patch Tuesday for January 2023 — Snort rules and prominent...

Microsoft released its monthly security update on Tuesday, disclosing 98 vulnerabilities. Of these vulnerabilities, 11 are classified as “Critical”, 87 are classified as “Important”, no vulnerability...


2022 Year in Review: APTs Livestream Replay

Did you miss our livestream focused on the APT section in the Cisco Talos Year in Review report? Join host Mitch Neff and special guests Jacob Finn, Asheer Malhotra, and Vitor Ventura as they discuss...


How to instrument system applications on Android stock images

By Vitor Ventura. This post is the result of research presented at Recon Montreal 2022. Two slide decks are provided along with this research. One is the presentation showing the whole process and how...


Threat Source newsletter (Jan. 12, 2023): Did ChatGPT write our newsletter?

Welcome to this week’s edition of the Threat Source newsletter. We tried to get ChatGPT to write this week’s newsletter but it was at capacity, so you’ll have to stick with us for another week. Or maybe...


Vulnerability Spotlight: Integer and buffer overflow vulnerabilities found in...

Emma Reuter and Theo Morales of ASIG and Aleksandar Nikolic of Cisco Talos discovered these vulnerabilities. Cisco ASIG and Cisco Talos recently discovered code execution vulnerabilities in QT QML. Qt is...


Threat Round up for January 6 to January 13

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Jan. 6 and Jan. 13. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead,...


Following the LNK metadata trail

Adversaries’ shift toward Shell Link (LNK) files, likely sparked by Microsoft’s decision to block macros, provides the opportunity to capitalize on information that can be provided by LNK...


Vulnerability Spotlight: XSS vulnerability in Ghost CMS

Dave McDaniel of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered a cross-site scripting (XSS) vulnerability in Ghost CMS. Ghost is a content management system with tools to...


Threat Source newsletter (Jan. 19, 2023): Talent retention and institutional...

Welcome to this week’s edition of the Threat Source newsletter. Talent retention and institutional knowledge go hand in hand. Both are critical to ensuring the security of your network environment. To...


Threat Round up for January 13 to January 20

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Jan. 13 and Jan. 20. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead,...


State Sponsored Attacks in 2023 and Beyond

As we begin 2023 I wanted to take some time and look at the state sponsored threat landscape. Over the last few decades we've seen seismic shifts in how state sponsored actors attack, starting with...


Threat Landscape Topic Summary Report: Cisco Talos Year in Review 2022

While our ongoing support to Ukraine and response to the Log4j vulnerabilities were two of our most comprehensive and impactful efforts in 2022, we also dealt with a multitude of other threats as the...
