Multiple vulnerabilities in Adobe Acrobat Reader could lead to remote code...
Cisco Talos has disclosed more than 30 vulnerabilities in February, including seven in Adobe Acrobat Reader, one of the most popular PDF editing and reading software currently available. Adversaries...
Why Apple added protection against quantum computing when quantum computing...
Apple released a new update for nearly all its devices that provides an all-new type of encryption for its iMessages to the point that, in theory, iMessages are now protected against attacks from...
Heather Couk is here to keep your spirits up during a cyber emergency, even...
“Gotta Fly Now” is more closely associated with corporate hype videos or conferences with thousands of attendees in a mid-market city’s convention center than it is from its origins in the “Rocky”...
GhostSec’s joint ransomware operation and evolution of their arsenal
Cisco Talos observed a surge in the malicious activities of GhostSec, a hacking group, since this past year. GhostSec has evolved with a new GhostLocker 2.0 ransomware, a Golang variant of the GhostLocker...
Badgerboard: A PLC backplane network visibility module
Analysis of the traffic between networked devices has always been of interest since devices could even communicate with one another. As the complexity of networks grew, the more useful dedicated...
The 3 most common post-compromise tactics on network infrastructure
We’ve been discussing networking devices quite a lot recently and how Advanced Persistent Threat actors (APTs) are using highly sophisticated tactics to target aging infrastructure for espionage...
You’re going to start seeing more tax-related spam, but remember, that...
It’s that time of the year when not only do you have to be worried about filing your federal taxes in the U.S., you must also be on the lookout for a whole manner of tax-related scams. These are...
Another Patch Tuesday with no zero-days, only two critical vulnerabilities...
For the second month in 2024, there are no actively exploited vulnerabilities included in this month’s security update from Microsoft. March’s Patch Tuesday is relatively light, containing 60...
Threat actors leverage document publishing sites for ongoing credential and...
Cisco Talos Incident Response (Talos IR) has observed the ongoing use of legitimate digital document publishing (DDP) sites for phishing, credential theft and session token theft during recent incident...
Not everything has to be a massive, global cyber attack
Some of my Webex rooms recently have been blowing up with memes about blaming Canada or wild speculation that a state-sponsored actor is carrying out some sort of major campaign. After a widespread...
The LockBit story: Why the ransomware affiliate model can turn takedowns into...
In ancient Greek mythos, the mighty Hercules faced a seemingly insurmountable challenge when he encountered the Lernaean Hydra. This fearsome serpent had a terrifying ability: For every head that...
Dissecting a complex vulnerability and achieving arbitrary code execution in...
Cisco Talos disclosed several vulnerabilities in JustSystems’ Ichitaro Word Processor last year. These vulnerabilities were complex and were discovered through extensive reverse...
Netgear wireless router open to code execution after buffer overflow...
Cisco Talos’ Vulnerability Research team recently disclosed three vulnerabilities across a range of products, including one that could lead to remote code execution in a popular Netgear wireless router...
New details on TinyTurla’s post-compromise activity reveal full kill chain
Cisco Talos is providing an update on its two recent reports on a new and ongoing campaign where Turla, a Russian espionage group, deployed their TinyTurla-NG (TTNG) implant. We now have new...
“Pig butchering” is an evolution of a social engineering tactic we’ve seen...
Whether you want to call them “catfishing,” “pig butchering” or just good old-fashioned “social engineering,” romance scams have been around forever. I was first introduced to them through the MTV...
Enter the substitute teacher
Welcome to this week’s threat source newsletter. With Jon out, you’ve got me as your substitute teacher. I’m taking you back to those halcyon days of youth and that moment when you found out that you...
Adversaries are leveraging remote access tools now more than ever — here’s...
Remote system management/desktop access tools such as AnyDesk and TeamViewer have grown in popularity since 2020. While there are many legitimate uses for this software, adversaries are also finding...
CoralRaider targets victims’ data and social media accounts
Cisco Talos discovered a new threat actor we’re calling “CoralRaider” that we believe is of Vietnamese origin and financially motivated. CoralRaider has been operating since at least 2023, targeting...
There are plenty of ways to improve cybersecurity that don’t involve making...
As my manager knows, I’m not the biggest fan of working in a physical office. I’m a picky worker — I like my workspace to be borderline frigid, I hate dark mode on any software, and I want any and all...
Starry Addax targets human rights defenders in North Africa with new malware
Cisco Talos is disclosing a new threat actor we deemed “Starry Addax” targeting mostly human rights activists, associated with the Sahrawi Arab Democratic Republic (SADR) cause with a novel mobile...