Channel: Cisco Talos Blog
Browsing all 1948 articles

A refresher on Talos’ open-source tools and the importance of the open-source...

Open-source software that is free to download, deploy and modify is a vital component in the fight for cyber security. Freely available software not only helps defend systems that would otherwise be...


Talos discovers Microsoft kernel mode driver vulnerabilities that could lead...

Microsoft disclosed six security vulnerabilities that are actively being exploited across its products as part of the company’s regular Patch Tuesday security update. In all, August’s monthly round of...


Talos discovers 11 vulnerabilities between Microsoft, Adobe software...

Cisco Talos’ Vulnerability Research team recently discovered 11 vulnerabilities in Microsoft Windows CLIPSP.SYS and Adobe Acrobat Reader that were all disclosed this week as part of the company’s...


AI, election security headline discussions at Black Hat and DEF CON

As promised, I’m back this week to recap some of the top stories coming out of Black Hat and DEF CON. Also as promised, AI was the talk of Vegas during Hacker Summer Camp (or at least from what I’ve...


How multiple vulnerabilities in Microsoft apps for macOS pave the way to...

Cisco Talos has identified eight vulnerabilities in Microsoft applications for the macOS operating system. An adversary could exploit these vulnerabilities by injecting malicious libraries into...


MoonPeak malware from North Korean actors unveils new details on attacker...

Cisco Talos is exposing infrastructure we assess with high confidence is being used by a state-sponsored North Korean nexus of threat actors we track as “UAT-5394,” including for staging, command and...


No, not every Social Security number in the U.S. was stolen

My current least favorite thing about the churn of social media that I’ve seen over the past week is waves of stories, posts and videos saying that every U.S. citizen’s Social Security number has been...


BlackByte blends tried-and-true tradecraft with newly disclosed...

The BlackByte ransomware group continues to leverage tactics, techniques and procedures (TTPs) that have formed the foundation of its tradecraft since its inception, continuously iterating its...


Fuzzing µC/OS protocol stacks, Part 3: TCP/IP server fuzzing, implementing a...

This is the final post in the three-part series that details techniques I used to fuzz two µC/OS protocol stacks: µC/TCP-IP and µC/HTTP-server. The first post highlighted code modifications necessary...


Fuzzing µC/OS protocol stacks, Part 1: HTTP server fuzzing

This is the first post of a three-part series, where we will be delving into the intricacies of fuzzing µC/OS protocol stacks. The techniques I will discuss are universally applicable to various RTOS...


Fuzzing µCOS protocol stacks, Part 2: Handling multiple requests per test case

So far in this series, I’ve developed a fuzzer for the µC/HTTP-server. As described in the previous post, this fuzzer reads from a file to enable compatibility with AFL++. That implementation only...


The vulnerabilities we uncovered by fuzzing µC/OS protocol stacks

Hunting for vulnerabilities in industrial environments has become increasingly important as industrial control systems and critical infrastructure face threats from state-sponsored actors and...


What kind of summer has it been?

Hello Talos followers. I’m back for my annual takeover of the Threat Source newsletter. First, an update on that killer sloth movie I was so excited about in August 2023. “Slotherhouse” debuted with an...


Threat actors using MacroPack to deploy Brute Ratel, Havoc and PhantomCore...

Cisco Talos recently discovered several related Microsoft Office documents uploaded to VirusTotal by various actors between May and July 2024 that were all generated by a version of a payload generator...


Watch our new documentary, "The Light We Keep: A Project PowerUp Story"

You may have already read about the incredible story of Project PowerUp – how we worked with a multi-company, multi-national team to find a way to keep the lights on in Ukraine in the face of...


The best and worst ways to get users to improve their account security

As most quality thoughts go, my most recent musing on security came about because of fantasy football. I had to log into my Yahoo Sports account, which I admittedly only ever have to log in to, at...


Vulnerability in Tencent WeChat custom browser could lead to remote code...

Certain versions of WeChat, a popular messaging app created by tech giant Tencent, contain a type confusion vulnerability that could allow an adversary to execute remote code. While this issue,...


The 2024 Threat Landscape State of Play

As we head into the final furlong of 2024, we caught up with Talos’ Head of Outreach Nick Biasini to ask him what sort of year it’s been so far in the threat landscape. In this video, Nick outlines his...


Four zero-days included in group of 79 vulnerabilities Microsoft discloses,...

Microsoft disclosed four vulnerabilities that are actively being exploited in the wild as part of its regular Patch Tuesday security update this week in what’s become a regular occurrence for the...


DragonRank, a Chinese-speaking SEO manipulator service provider

Key Takeaways: Cisco Talos is disclosing a new threat called “DragonRank” that primarily targets countries in Asia and a few in Europe, operating PlugX and BadIIS for search engine optimization (SEO)...
