[Webinar] How Modern Attack Paths Cross Code, Pipelines, and Cloud

TL;DR: Stop chasing thousands of "toast" alerts. Join experts from Wiz to learn how hackers connect tiny flaws to build a "Lethal Chain" to your data—and how to break it. Register for the Strategic Briefing Here. Most security tools work like a smoke alarm that goes off every time you burn a piec...

PT-2026-35169

Name of the Vulnerable Software and Affected Versions bubblewrap versions 0.11.0 through 0.11.1 Description Privilege escalation is possible if the software is installed as setuid root, occurring via ptrace a system call used for process tracing and debugging. Recommendations Update to version...

Judge Delays Minnesota ICE Decision While Weighing Whether State Is Being Illegally Punished

A federal judge ordered a new briefing due Wednesday on whether DHS is using armed raids to pressure Minnesota into abandoning its sanctuary policies, leaving ICE operations in place for now...

EUVD-2026-0513

This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...

Leadership, Innovation, and the Future of AI: Lessons from Trend Micro CEO & Co-Founder Eva Chen

Discover how AI is reshaping cybersecurity through our CEO, Eva Chen’s industry briefing series. Gain practical strategies, real-world insights, and a clear roadmap to secure your AI initiatives with confidence...

Senator Chides FBI for Weak Advice on Mobile Security

Agents with the Federal Bureau of Investigation FBI briefed Capitol Hill staff recently on hardening the security of their mobile devices, after a contacts list stolen from the personal phone of the White House Chief of Staff Susie Wiles was reportedly used to fuel a series of text messages and...

GHSA-23W5-4M68-GV63 vulnerabilities

Vulnerabilities for packages: mysql...

Where to find Talos at BlackHat 2024

With Black Hat just a week away, Cisco Talos is gearing up for another year of heading to Las Vegas to share in some of the latest major cybersecurity announcements, research and news. This year marks the 10th anniversary of Cisco Talos, as the Talos brand was officially launched in August 2014 a...

Combatting the Evolving SaaS Kill Chain: How to Stay Ahead of Threat Actors

The modern kill chain is eluding enterprises because they aren't protecting the infrastructure of modern business: SaaS. SaaS continues to dominate software adoption, and it accounts for the greatest share of public cloud spending. But enterprises and SMBs alike haven't revised their security...

Wallarm at Black Hat USA 2023 Booth #3131

Wallarm is excited to be back at Black Hat USA this year and meet with our friends in the community wanting or perhaps needing to learn more about integrated web app and API protection. We look forward to seeing you there! Expo Hours If you’re attending in person, the Business Hall is open for tw...

EFB Tampering. The Human Factor

Like most people, pilots want to expedite things and generally make their work easier. A common conception about aviation is that its a leading industry with technology at its forefront. While this is generally true some of the systems in use today are rather dated to put it mildly. A great examp...

Spotting brand impersonation with Swin transformers and Siamese neural networks

Every day, Microsoft Defender for Office 365 encounters millions of brand impersonation emails. Our security solutions use multiple detection and prevention techniques to help users avoid divulging sensitive information to phishers as attackers continue refining their impersonation tricks. In thi...

The Biggest Security Threats to the US Are the Hardest to Define

In a Senate briefing, the heads of the major intelligence agencies warned the public about dangers that offer no easy solutions...

What to Expect in the initial FedRAMP briefing with your Agency Sponsor and the PMO

Most people who have spent any time researching the FedRAMP authorization process know there are two routes for a Cloud Service Provider CSP to become FedRAMP authorized: Agency and Joint Authorization Board JAB. Because of the limited number of CSPs selected each quarter for the JAB authorizatio...

A security researcher has made contact. What do I do?

Businesses say that they take security of customer data seriously but, when presented with a vulnerability, are often more concerned about their own reputation than the security of their customers. Handle disclosure correctly and you can do both: protect your customers and protect your reputation...

Threat Source newsletter (May 30)

Newsletter compiled by Jonathan Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. Did you update all of your Microsoft products after Patch Tuesday earlier this month? If not, what are you waiting for? Listen to t...

Now Available: Recording of Chinese Malicious Cyber Activity Briefing

The Cybersecurity and Infrastructure Security Agency CISA has posted the February 14, 2019, Awareness Briefing on Chinese Malicious Cyber Activity. This webinar provides background and mitigation techniques on Chinese malicious cyber activity targeting managed service providers MSPs. CISA...

New Session Added: CISA Awareness Briefing on Chinese Malicious Cyber Activity

The Cybersecurity and Infrastructure Security Agency CISA has added an additional session to the virtual awareness briefing on Chinese malicious cyber activity targeting managed service providers. The briefing will be held on Thursday, February 14, 2019, from 1-2 p.m. ET. The briefing will provid...

Talos Quarterly Threat Briefing - Winter 2018

Date: Tuesday, February 27, 2018 Time: 1:00pm ET/10:00am PT Topic: Miners, Malspam, and Meltdowns Recording available here: Space is limited for this event, so be sure to save your spot. Following the webinar, the video will also be made available here. In this edition of the Talos Quarterly Thre...

Join us at Black Hat 2017

Hide your phones, hide your laptops ‘cause they’re hackin’ everyone out here! For the 20th year, on July 26 and 27, thousands of cybersecurity executives, researchers and enthusiasts will descend upon Las Vegas for Black Hat 2017, including some of Trend Micro’s finest. Throughout the week, Trend...