Channel: Cisco Talos Blog
Browsing all 1948 articles

You can try to hide your firmware from Kelly Patterson, but she’ll find it...

How her work illustrates the difference Talos’ vulnerability research team makes

When Kelly Patterson first learned how to code by making small programs in her high school class, she preferred breaking...

Microsoft Patch Tuesday for September 2023 — Unusually low 5 critical...

Microsoft disclosed 65 vulnerabilities across its suite of products and software Tuesday, only five of which are considered critical, which is very low compared to Microsoft’s usual security...

How Cisco Talos IR helped a healthcare company quickly resolve a Qakbot attack

Partnership and proactive measures reduce resolution time from weeks to mere hours. Healthcare is one of the most popular targets for threat actors, as evidenced by the fact that it was the...

Turns out even the NFL is worried about deepfakes

Welcome to this week’s edition of the Threat Source newsletter. I’m at the point in the calendar year where I’m a sponge for NFL content. I couldn’t be happier to escape from my six-month American...

New ShroudedSnooper actor targets telecommunications firms in the Middle East...

Cisco Talos recently discovered a new malware family we’re calling “HTTPSnoop” being deployed against telecommunications providers in the Middle East. HTTPSnoop is a simple, yet effective, backdoor that...

What’s the point of press releases from threat actors?

Welcome to this week’s edition of the Threat Source newsletter. As a former reporter, I’ve seen my fair share of press releases. But one from a threat actor was definitely a new one for me last...

ICS protocol coverage using Snort 3 service inspectors

With more devices on operational technology (OT) networks now getting connected to wide-reaching IT networks, it is more important than ever to have effective detection capabilities for ICS protocols....

10 new vulnerabilities disclosed by Talos, including use-after-free issue in...

Cisco Talos disclosed 10 vulnerabilities over the past two weeks affecting a range of software, including the popular Google Chrome web browser. Attackers could exploit these vulnerabilities to carry...

The security pitfalls of social media sites offering ID-based authentication

Welcome to this week’s edition of the Threat Source newsletter. Since Elon Musk first started talking about purchasing Twitter/X around this time last year, one of his main sticking points has been how...

Threat Roundup for September 22 to September 29

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Sept. 22 and Sept. 29. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead,...

What is the dark web?

Most users interact with the internet through the web, and many of the threat actors we write about operate on the “dark web.” Broadly speaking, the dark web is a small portion of the “deep web,” where...

Qakbot-affiliated actors distribute Ransom Knight malware despite...

The threat actors behind the Qakbot malware have been conducting a campaign since early August 2023 in which they have been distributing Ransom Knight ransomware and the Remcos backdoor via phishing...

Is it bad to have a major security incident on your résumé? (Seriously I...

Welcome to this week’s edition of the Threat Source newsletter. It’s Cybersecurity Awareness Month, which means it’s time to hug your nearest defender — they’re probably tired, could be facing burnout...

How looking at decades of spam led Jaeson Schultz from Y2K to the metaverse...

At this point in his career, Jaeson Schultz has seen nearly every type of online scam there is to see. From fake bomb threats at schools, to “sextortion” campaigns, cryptocurrency mining, metaverse and...

Microsoft patches 12 critical vulnerabilities, nine of which are in Layer 2...

Microsoft disclosed 104 vulnerabilities in its extensive range of software and services, the most in a single Patch Tuesday since July. What is most notable is that this batch of vulnerabilities...

10 zero-day vulnerabilities in industrial cell router could lead to code...

Cisco Talos recently disclosed 11 vulnerabilities, 10 of which are zero-days without a patch in an industrial cellular router. Attackers could exploit these vulnerabilities in the Yifan YF325 to carry...

What to know about the HTTP/2 Rapid Reset DDoS attacks

Cisco Talos is actively tracking the novel distributed denial-of-service (DDoS) attacks cloud services provider Cloudflare disclosed earlier this week. The techniques described in Cloudflare’s blog...

Top resources for Cybersecurity Awareness Month

Welcome to this week’s edition of the Threat Source newsletter. I didn’t feel like I wanted to write anything special or witty this week given the current events in Israel and the Gaza Strip, but I...

Active exploitation of Cisco IOS XE Software Web Management User Interface...

Overview: Cisco has identified active exploitation of a previously unknown vulnerability in the Web User Interface (Web UI) feature of Cisco IOS XE software (CVE-2023-20198) when exposed to the internet...

Snapshot fuzzing direct composition with WTF

Cisco Talos has developed a custom fuzzer using the popular snapshot fuzzer “WTF” which targets Direct Composition in Windows. Talos’ vulnerability research team used Protocol Buffers developed by...
