Why logging is one of the most overlooked aspects of incident response, and...
By Rami Altalhi and David Roman. Logs are fundamental to strengthening an organization's digital defenses. Many logs within an organization contain records related to computer security. These...
What is Cracktivator software?
Cisco Talos coined the term “Cracktivator software” to reference counterfeit or modified software for pirated versions of Windows applications. One of our teammates, James Nutland, led the research to...
More helpful resources for users of all skill levels to help you Take a...
Welcome to this week’s edition of the Threat Source newsletter. I continue to be saddened by all the conflict in Israel and Gaza that’s still ongoing. I’ll be back with a “normal” newsletter next week,...
Threat Roundup for October 13 to October 20
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Oct. 13 and Oct. 20. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead,...
Attacks on web applications spike in third quarter, new Talos IR data shows
Quarterly threat report: Telecommunications and education are most-targeted verticals. There was a notable increase in threats to web applications, accounting for 30 percent of the engagements Cisco...
Kazakhstan-associated YoroTrooper disguises origin of attacks as Azerbaijan
Cisco Talos assesses with high confidence that YoroTrooper, an espionage-focused threat actor first active in June 2022, likely consists of individuals from Kazakhstan based on their use of Kazakh...
9 vulnerabilities found in VPN software, including 1 critical issue that...
Cisco Talos has disclosed 17 vulnerabilities over the past two weeks, including nine that exist in a popular VPN software. Attackers could exploit these vulnerabilities in the SoftEther VPN solution...
How helpful are estimates about how much cyber attacks cost?
Coming from the newspaper and media industry, I’m no stranger to wanting to write catchy headlines. I’m certainly at fault for throwing together a story about so-and-sos house sold for X million...
Arid Viper disguising mobile spyware as updates for non-malicious Android...
Since April 2022, Cisco Talos has been tracking a malicious campaign operated by the espionage-motivated Arid Viper advanced persistent threat (APT) group targeting Arabic-speaking Android users. In...
Attackers use JavaScript URLs, API forms and more to scam users in popular...
Online video games often make use of in-game virtual currency and give players the ability to purchase, trade or sell items. While these features are often selling points for players and potential...
You’d be surprised to know what devices are still using Windows CE
Windows CE — an operating system that, despite being out for 27 years, never had an official explanation for why it was called “CE” — finally reached its official end-of-life period this week. This was...
Threat Roundup for October 27 to November 3
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Oct. 27 and Nov. 3. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead,...
What is NIS2, and how can you best prepare for the new cybersecurity...
NIS2 is a European directive that includes new measures to ensure that organizations operating in the European Union (EU) have a high common level of network and infrastructure security. The...
Spammers abuse Google Forms’ quiz to deliver scams
Spammers are exploiting the "Release scores" feature of Google Forms quizzes to deliver email. The emails originate from Google's own servers and consequently may have an easier time bypassing anti-spam...
Threat Roundup for November 3 to November 10
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Nov. 3 and Nov. 10. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead,...
A new video series, Google Forms spam and the various gray areas of cyber...
I found the juxtaposition of stories on the Talos blog over the past week-plus kind of funny. On one hand, we had a massive story about Arid Viper, a Middle Eastern threat actor spreading spyware, one...
Microsoft discloses only three critical vulnerabilities in November’s Patch...
Microsoft’s monthly security update released Tuesday only includes three critical vulnerabilities, an unusually small number based on previous months’ Patch Tuesdays. In all, this set of...
7 common mistakes companies make when creating an incident response plan and...
Cisco Talos recently covered the basics of NIS2, a new set of requirements for cybersecurity and security incident disclosures set to take effect next year in the European Union. As part of these new...
We all just need to agree that ad blockers are good
I don’t think this is a particularly bold take — but I’m not afraid to say that ad blockers are good! Ever since I started using one sometime in 2016, my experience of using the internet has improved...
Understanding the Phobos affiliate structure and activity
Cisco Talos recently identified the most prolific Phobos variants, common affiliate tactics, techniques and procedures (TTPs), and characteristics of the Phobos affiliate structure, based on observed...