8 matches found
IR Trends Q4 2025: Exploitation remains dominant, phishing campaign targets Native American tribal organizations
Threat actors predominately exploited public-facing applications for the second quarter in a row, with this tactic appearing in nearly 40 percent of Cisco Talos Incident Response Talos IR engagements -- a notable decrease from over 60 percent last quarter, when engagements involving ToolShell...
Patch it up: Old vulnerabilities are everyone’s problems
Welcome to this week's edition of the Threat Source newsletter. Let's pick up where we left off in my last newsletter. Please mark your calendars: The free support for Windows 10 will end on October 14, 2025. When a software loses vendor support, it no longer receives patches or updates. As...
Talos IR trends Q4 2024: Web shell usage and exploitation of public-facing applications spike
Threat actors increasingly deployed web shells against vulnerable web applications and primarily exploited vulnerable or unpatched public-facing applications to gain initial access in Q4, a notable shift from previous quarters. The functionality of the web shells and targeted web applications...
2024 Midyear Threat Landscape Review
As we navigate the complexities of 2024, its crucial to pause and reflect on the evolving threat landscape that surrounds us. This moment offers a unique opportunity to scrutinize our triumphs and missteps, understand the events that have decisively shaped our environment, and consider those that...
Top MITRE ATT&CK Tactics and Techniques Leveraged in 2023
The Qualys Threat Research Unit has mapped vulnerabilities and misconfigurations to the MITRE ATT&CK framework tactics and techniques to help you get the attacker’s view. They have also analyzed vulnerabilities and misconfigurations across all our customers to find the top tactics and techniques...
Quarterly Report: Incident Response Trends in Q1 2023
Web shell usage spikes in Q1 compared to previous quarters, correlating with higher instances of exploitation of public-facing applications. In a novel increase compared to previous quarters, Cisco Talos Incident Response Talos IR reports that web shells were the most-observed threat in the first...
People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices
Summary Best Practices • Apply patches as soon as possible • Disable unnecessary ports and protocols • Replace end-of-life infrastructure • Implement a centralized patch management system This joint Cybersecurity Advisory describes the ways in which People’s Republic of China PRC state-sponsored...
App Security and PCI; Are you ready for the audit?
As most people know, merchants, financial institutions and anybody else who is involved in processing credit cards are subject to the PCI DSS compliance to reduce fraud and cybersecurity risks. This affects both brick-n-mortar stores and banks as well as card-not-present CNP transactions that...