Cybersecurity for businesses of all sizes: A blueprint for protection
One of the primary reasons why cybersecurity remains a complex undertaking is the increased sophistication of modern cyber threats. As the internet and digital technologies continue to advance, so do...
Threat Roundup for May 26 to June 2
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between May 26 and June 2. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this...
How Joe Marshall helps defend everything from electrical grids to grain...
Joe Marshall was a security practitioner before he even knew it. Marshall started his career in information technology as a systems administrator. On the surface, he jokes that he was a “white-collar...
Adversaries increasingly using vendor and contractor accounts to infiltrate...
Cisco Talos Incident Response (Talos IR) has repeatedly observed attackers targeting and using compromised vendor and contractor accounts (VCAs) during recent emergency response engagements. While...
Now’s not the time to take our foot off the gas when it comes to fighting...
Welcome to this week’s edition of the Threat Source newsletter. In the wake of the 2016 and 2020 presidential elections, it seemed like big tech companies were taking the fight against disinformation...
Threat Roundup for June 2 to June 9
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between June 2 and June 9. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this...
".zip" top-level domains draw potential for information leaks
Google’s recent offering of the “.zip” top-level domain (TLD) has led security researchers and likely threat actors to register numerous domains for red teaming and phishing attacks, respectively,...
Microsoft discloses 5 critical vulnerabilities in June's Patch Tuesday, no...
Microsoft released its monthly security update Tuesday, disclosing 69 vulnerabilities across its suite of products and software. Five of these vulnerabilities are considered to be critical, 45 of them...
Two remote code execution vulnerabilities disclosed in Microsoft Excel
Cisco Talos recently discovered two vulnerabilities in the Microsoft Excel spreadsheet management software that could allow a malicious actor to execute arbitrary code on the targeted machine. Microsoft...
What does it mean when ransomware actors use “double extortion” tactics?
It is no longer enough for ransomware actors to encrypt targets’ files, ask for money, and get out. Over the past several years, these groups are increasingly relying on “double extortion” tactics to...
URLs have always been a great hiding place for threat actors
Welcome to this week’s edition of the Threat Source newsletter. Talos’ recent blog post on the dangers posed by the newly released “.zip” top-level domain (TLD) recently outlined how threat actors could...
Active exploitation of the MOVEit Transfer vulnerability — CVE-2023-34362 —...
Cisco Talos is monitoring recent reports of exploitation attempts against CVE-2023-34362, a SQL injection zero-day vulnerability in the MOVEit Transfer managed file transfer (MFT) solution that has...
Threat Roundup for June 9 to June 16
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between June 9 and June 16. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead,...
Video: How Talos’ open-source tools can assist anyone looking to improve...
Cisco Talos’ remit is not just to protect our customers from cyber attacks. We also strive to make the internet a better and safer place. That’s one of the reasons why we create and release open-source...
Cybersecurity hotlines at colleges could go a long way toward filling the...
Welcome to this week’s edition of the Threat Source newsletter. I recently stumbled upon news that the University of Texas at Austin is launching a new cybersecurity clinic run by faculty and students...
Threat Roundup for June 16 to June 23
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between June 16 and June 23. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead,...
Vulnerability Spotlight: Use-after-free condition in Google Chrome WebGL
Cisco Talos recently discovered an exploitable use-after-free vulnerability in Google Chrome’s Web Graphics Library (WebGL). Google Chrome is a cross-platform web browser — and Chromium is the...
How Talos IR’s Purple Team can help you prepare for the worst-case scenario
Purple Team exercises are included within the Cisco Talos Incident Response Retainer service and our experts can help your organization find security holes before the bad guys can. As your trusted...
New video provides a behind-the-scenes look at Talos ransomware hunters
Welcome to this week’s edition of the Threat Source newsletter. AI-generated art is causing drama across the internet over the past few months, from Marvel TV show opening credits scenes to predatory...
The growth of commercial spyware based intelligence providers without legal...
Attackers have long used commercial products developed by legitimate companies to compromise targeted devices. These products are known as commercial spyware. Commercial spyware operations mainly...