Channel: Cisco Talos Blog
Browsing all 1948 articles

April’s Patch Tuesday includes 150 vulnerabilities, 60 which could lead to...

In one of the largest Patch Tuesdays in years, Microsoft disclosed 150 vulnerabilities across its software and product portfolio this week, including more than 60 that could lead to remote code...

Vulnerability in some TP-Link routers could lead to factory reset

Cisco Talos’ Vulnerability Research team has disclosed 10 vulnerabilities over the past three weeks, including four in a line of TP-Link routers, one of which could allow an attacker to reset the...

The internet is already scary enough without April Fool’s jokes

I feel like over the past several years, the “holiday” that is April Fool’s Day has really died down. At this point, there are few headlines you can write that would be more ridiculous than something...

Large-scale brute-force activity targeting VPNs, SSH services with commonly...

Cisco Talos would like to acknowledge Brandon White of Cisco Talos and Phillip Schafer, Mike Moran, and Becca Lynch of the Duo Security Research team for their research that led to identification of...

OfflRouter virus causes Ukrainian users to upload confidential documents to...

During a threat-hunting exercise, Cisco Talos discovered documents with potentially confidential information originating from Ukraine. The documents contained malicious VBA code, indicating they may...

Could the Brazilian Supreme Court finally hold people accountable for sharing...

If you’re a regular reader of this newsletter, you already know about how strongly I feel about the dangers of spreading fake news, disinformation and misinformation. And honestly, if you’re reading...

What’s the deal with the massive backlog of vulnerabilities at the NVD?

The National Vulnerability Database is usually the single source of truth for all things related to security vulnerabilities.  But now, they’re facing an uphill battle against a massive backlog of...

Suspected CoralRaider continues to expand victimology using three information...

By Joey Chen, Chetan Raghuprasad and Alex Karkins. Cisco Talos discovered a new ongoing campaign since at least February 2024, operated by a threat actor distributing three famous infostealer malware,...

ArcaneDoor - New espionage-focused campaign found targeting perimeter network...

ArcaneDoor is a campaign that is the latest example of state-sponsored actors targeting perimeter network devices from multiple vendors. Coveted by these actors, perimeter network devices are the...

Talos IR trends: BEC attacks surge, while weaknesses in MFA persist

Business email compromise (BEC) was the top threat observed by Cisco Talos Incident Response (Talos IR) in the first quarter of 2024, accounting for nearly half of engagements, which is more than...

The private sector probably isn’t coming to save the NVD

I wrote last week about the problems arising from the massive backlog of vulnerabilities at the U.S. National Vulnerability Database.  Thousands of CVEs are still without analysis data, and the...

James Nutland studies what makes threat actors tick, growing our...

If state-sponsored actors are after one thing, it’s to spread fear and uncertainty across the internet. There’s always money to be made targeting individual businesses and organizations, but for James...

Cisco Talos at RSAC 2024

With RSAC just a week away, Cisco Talos is gearing up for another year of heading to San Francisco to share in some of the latest major cybersecurity announcements, research and news.  We’ve pulled...

Vulnerabilities in employee management system could lead to remote code...

Cisco Talos’ Vulnerability Research team has disclosed more than a dozen vulnerabilities over the past three weeks, five in a device that allows employees to check in and out of their shifts, and...

What can we learn from the passwords used in brute-force attacks?

Brute force attacks are one of the most elementary cyber threats out there. Technically, anyone with a keyboard and some free time could launch one of them — just try a bunch of different username and...

Talos discloses multiple zero-day vulnerabilities, two of which could lead to...

Cisco Talos’ Vulnerability Research team recently disclosed three zero-day vulnerabilities that are still unpatched as of Wednesday, May 8. Two vulnerabilities in this group — one in the Tinyproxy HTTP...

A new alert system from CISA seems to be effective — now we just need...

One of the great cybersecurity challenges organizations currently face, especially smaller ones, is that they don’t know what they don’t know. It’s tough to have your eyes on everything all the time,...

Talos joins CISA to counter cyber threats against non-profits, activists and...

Cisco Talos is delighted to share updates about our ongoing partnership with the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to combat cybersecurity threats facing civil society...

Only one critical vulnerability included in May’s Microsoft Patch Tuesday;...

After a relatively hefty Microsoft Patch Tuesday in April, this month’s security update from the company only included one critical vulnerability across its massive suite of products and services.  In...

Talos releases new macOS open-source fuzzer

Cisco Talos has developed a fuzzer that enables us to test macOS software on commodity hardware. Fuzzer utilizes a snapshot-based fuzzing approach and is based on WhatTheFuzz framework. Support for VM...
