We’re not talking about cryptocurrency as much as we used to, but there are...
AI has since replaced “cryptocurrency” and “blockchain” as the cybersecurity buzzwords everyone wants to hear. We're not getting as many headlines about cryptocurrency miners, the security risks or...
How do cryptocurrency drainer phishing scams work?
By Teoderick Contreras and Jose Hernandez of Splunk, with contributions from the Splunk Threat Research Team. Cryptodrainer scams have emerged as a significant threat in the cryptocurrency ecosystem,...
Largest Patch Tuesday in 3 months includes 5 critical vulnerabilities
Microsoft released its monthly security update on Tuesday, disclosing 142 vulnerabilities across its suite of products and software. Of those, there are five critical vulnerabilities, and every other...
Inside the ransomware playbook: Analyzing attack chains and mapping common TTPs
Given the recent slate of massive ransomware attacks that have disrupted everything from hospitals to car dealerships, Cisco Talos wanted to take a renewed look at the top ransomware players to see...
Hidden between the tags: Insights into spammers’ evasion techniques in HTML...
Cisco Talos has spotted several malicious email campaigns over the past few months that disguise JavaScript code within HTML email attachments, a technique commonly known as “HTML Smuggling.” Cisco...
15 vulnerabilities discovered in software development kit for wireless routers
Cisco Talos’ Vulnerability Research team recently discovered 15 vulnerabilities in the Realtek rtl819x Jungle software development kit used in some small and home office wireless routers. This SDK uses...
Impact of data breaches is fueling scam campaigns
Data breaches have become one of the most crucial threats to organizations across the globe, and they’ve only become more prevalent and serious over time. A data breach occurs when unauthorized...
Checking in on the state of cybersecurity and the Olympics
With the 2024 Olympics’ Opening Ceremony only two weeks away now, there is one thing that’s an absolute guarantee to happen during the traditionally unpredictable games: Cyber attacks....
It's best to just assume you’ve been involved in a data breach somehow
Between AT&T, all the follow-on activity from Snowflake, Microsoft Outlook, and more, it’s best to probably just assume at this point that your personal information has somehow been involved in a...
A (somewhat) complete timeline of Talos’ history
A lot has happened in Talos’ 10 years of existence. And to celebrate our birthday, we wanted to look back on some of the major moments in Talos’ history. Here’s an overview of some of the major events,...
IR Trends: Ransomware on the rise, while technology becomes most targeted sector
Business email compromise (BEC) and ransomware were the top threats observed by Cisco Talos Incident Response (Talos IR) in the second quarter of 2024, together accounting for 60 percent of...
The massive computer outage over the weekend was not a cyber attack, and I’m...
You’re not going to believe this, but there was a lot of misinformation on social media over the weekend after the massive CrowdStrike/Microsoft outage. As airlines cancelled flights, hospitals had to...
"There is no business school class that would ever sit down and design Talos"
As part of the celebrations of Cisco Talos turning 10, we’d like to take you back to where it all began: How we formed our mission of protecting our customers and making the internet suck a bit less,...
Out-of-bounds read vulnerability in NVIDIA driver; Open-source flashcard...
Cisco Talos’ Vulnerability Research team has helped to disclose and patch six new vulnerabilities over the past three weeks, including one in a driver that powers certain NVIDIA graphics cards. The...
Where to find Talos at BlackHat 2024
With Black Hat just a week away, Cisco Talos is gearing up for another year of heading to Las Vegas to share in some of the latest major cybersecurity announcements, research and news. This year marks...
Detecting evolving threats: NetSupport RAT campaign
By Chris Morrison. Cisco Talos is actively tracking multiple malware campaigns that utilize NetSupport RAT for persistent infections. These campaigns evade detection through obfuscation and updates....
APT41 likely compromised Taiwanese government-affiliated research institute...
Cisco Talos discovered a malicious campaign that compromised a Taiwanese government-affiliated research institute that started as early as July 2023, delivering the ShadowPad malware, Cobalt Strike and...
There is no real fix to the security issues recently found in GitHub and...
A recently discovered security issue in GitHub and other, similar, control system products seems to fit into the classic “it’s a feature, not a bug” category. Security researchers last week published...
Ryan Pentney reflects on 10 years of Talos and his many roles from the...
As the adage goes: “You don’t know what you don’t know.” For Ryan Pentney and his team, they know what they don’t know. And they wake up every morning trying to figure out how they can answer those...
The top stories coming out of the Black Hat cybersecurity conference
Over the next two weeks, two of the largest cybersecurity conferences in the world will take place in Las Vegas: Black Hat and DEF CON. That means product announcements, buzzwords and stories about “X...