kog-bonds-poc

KOG Bonds POC Agent Complete proof-of-concept demonstrating e...

Bill Largent: On epic reads, lifelong learning, and empathy

Welcome to another episode of Humans of Talos! This week, Amy sits down with William Bill Largent from the Strategic Planning and Communications team. Bill's role as Senior Security Researcher spans from threat research to communicating Talos's critical work to internal teams, partners, and...

EUVD-2003-1343

Malware in sbrugna...

EUVD-2006-4229

Malware in sbrugna...

EUVD-2009-4053

Malware in sbrugna...

The Voter Experience

Technology and innovation have transformed every part of society, including our electoral experiences. Campaigns are spending and doing more than at any other time in history. Ever-growing war chests fuel billions of voter contacts every cycle. Campaigns now have better ways of scaling outreach...

lotusoutreach.org Cross Site Scripting vulnerability OBB-3309090

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

QSC 2022: Qualys’ Threat Research Unit (TRU) – Our Shield Is Your Shield

Day two of QSC profiled the special launch of the Qualys Threat Research Unit, TRU. Taking the audience through a madcap tour of what the threat research unit is doing to provide intelligence and actionable insights into its census was Travis Smith, VP of Qualys Threat Research Unit. He dove deep...

MAL-2022-3647 Malicious code in hls-outreach-sms (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5a53e3be314f9e219be5477ddd5d6111a0c122ae7455767a1af129f3e971e7cf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in hls-outreach-sms (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5a53e3be314f9e219be5477ddd5d6111a0c122ae7455767a1af129f3e971e7cf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

kytar.outreachservices.info Cross Site Scripting vulnerability OBB-2313124

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

classiccar1.com Cross Site Scripting vulnerability OBB-2271387

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Defenders wanted—building the new cybersecurity professionals

As part of Cybersecurity Awareness Month, we published a special blog post earlier this week featuring real-world experiences shared by cybersecurity professionals: people with diverse backgrounds in law, academia, software development, and other seemingly unrelated fields. This topic is near and...

Threat Source newsletter (July 29, 2021)

Newsletter compiled by Jon Munshaw.Good afternoon, Talos readers. Thanks to everyone who joined us live yesterday for our talk on business email compromise. If you missed us live, the recording is up on our YouTube page now. Nick Biasini from Talos Outreach provided some great advice on... This i...

Qualys Update on Accellion FTA Security Incident

Update April 2, 2021 to the March 3 original blog post: As part of our commitment to keeping customers and the community informed about how we are addressing and resolving the Accellion FTA cyber incident, we are providing the following update to confirm containment of the incident and share...

REvil ransomware’s calling, and it’s not good news

The REvil ransomware AKA Sodinokibi, which operates as a Ransomware as a Service is adopting some outreach techniques after initial compromise, designed to shame victims into paying up. Shaming victims into action Malware authors and social engineers have relied on shame and the threat of exposur...

a-print.w2p-shop.com Cross Site Scripting vulnerability OBB-1427766

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

outreach.colorado.edu Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1185907 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

Sen. Schumer Pushes for TSA Employee Ban on TikTok App at Work

The Transportation Safety Authority TSA has become the latest federal agency to ban the use of TikTok among its employees based on national-security fears over how ByteDance, the Beijing-based company that owns the app, uses the data collected by it. Some TSA employees have used the app to create...

Our Ceiling, Their Floor, Educating the Future

Throughout this blog series, we've been discussing the future of tech in relation to our young people. At Akamai, our outreach programs and forward-thinking culture have positioned us as part of the movement determined to make the world better for...