Lucene search
K

8 matches found

Talos Blog
Talos Blog
added 2026/01/29 11:0 a.m.13 views

IR Trends Q4 2025: Exploitation remains dominant, phishing campaign targets Native American tribal organizations

Threat actors predominately exploited public-facing applications for the second quarter in a row, with this tactic appearing in nearly 40 percent of Cisco Talos Incident Response Talos IR engagements -- a notable decrease from over 60 percent last quarter, when engagements involving ToolShell...

10CVSS6.3AI score0.99722EPSS
Exploits389
Talos Blog
Talos Blog
added 2025/03/13 6:4 p.m.25 views

Patch it up: Old vulnerabilities are everyone’s problems

Welcome to this week's edition of the Threat Source newsletter. Let's pick up where we left off in my last newsletter. Please mark your calendars: The free support for Windows 10 will end on October 14, 2025. When a software loses vendor support, it no longer receives patches or updates. As...

9.8CVSS10AI score0.99987EPSS
Exploits64
Talos Blog
Talos Blog
added 2025/01/30 11:0 a.m.16 views

Talos IR trends Q4 2024: Web shell usage and exploitation of public-facing applications spike

Threat actors increasingly deployed web shells against vulnerable web applications and primarily exploited vulnerable or unpatched public-facing applications to gain initial access in Q4, a notable shift from previous quarters. The functionality of the web shells and targeted web applications...

8.7AI score
Exploits0
Qualys Blog
Qualys Blog
added 2024/08/06 1:0 p.m.85 views

2024 Midyear Threat Landscape Review

As we navigate the complexities of 2024, its crucial to pause and reflect on the evolving threat landscape that surrounds us. This moment offers a unique opportunity to scrutinize our triumphs and missteps, understand the events that have decisively shaped our environment, and consider those that...

10CVSS9.1AI score0.99999EPSS
Exploits243
Qualys Blog
Qualys Blog
added 2024/03/12 8:45 p.m.35 views

Top MITRE ATT&CK Tactics and Techniques Leveraged in 2023

The Qualys Threat Research Unit has mapped vulnerabilities and misconfigurations to the MITRE ATT&CK framework tactics and techniques to help you get the attacker’s view. They have also analyzed vulnerabilities and misconfigurations across all our customers to find the top tactics and techniques...

9.8AI score
Exploits0
Talos Blog
Talos Blog
added 2023/04/26 12:0 p.m.34 views

Quarterly Report: Incident Response Trends in Q1 2023

Web shell usage spikes in Q1 compared to previous quarters, correlating with higher instances of exploitation of public-facing applications. In a novel increase compared to previous quarters, Cisco Talos Incident Response Talos IR reports that web shells were the most-observed threat in the first...

7.5CVSS10.5AI score0.18878EPSS
Exploits1
ICS
ICS
added 2022/06/10 12:0 p.m.117 views

People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices

Summary Best Practices • Apply patches as soon as possible • Disable unnecessary ports and protocols • Replace end-of-life infrastructure • Implement a centralized patch management system This joint Cybersecurity Advisory describes the ways in which People’s Republic of China PRC state-sponsored...

10CVSS10AI score0.99999EPSS
Exploits140References117
Wallarm Lab
Wallarm Lab
added 2018/12/17 2:23 a.m.90 views

App Security and PCI; Are you ready for the audit?

As most people know, merchants, financial institutions and anybody else who is involved in processing credit cards are subject to the PCI DSS compliance to reduce fraud and cybersecurity risks. This affects both brick-n-mortar stores and banks as well as card-not-present CNP transactions that...

7.3AI score
Exploits0
Rows per page
Query Builder