Lucene search
K

30 matches found

Talos Blog
Talos Blog
added 2026/05/12 10:0 a.m.10 views

State-sponsored actors, better known as the friends you don’t want

State-sponsored actors don't break in. They log in, and they use your own tools to stay invisible for months. Responding to a state-sponsored threat is nothing like responding to ransomware, and the differences can make or break the outcome. From logging and baselines to OT segmentation and suppl...

5.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/03/10 10:38 a.m.6 views

Hackers may have breached FBI wiretap network via supply chain

Investigators are worried that a recent attack on a critical FBI system was more than just a random hit, and that another nation-state might have been involved. On February 17, the FBI flagged irregular network activity that led straight to its Digital Collection System Network. That system...

5.7AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2025/01/16 4:0 p.m.13 views

Perfect Fit or Business Threat? How to Mitigate the Risk of Rogue Employees

Rogue employees present significant financial and cybersecurity risks to organizations. Rapid7 threat researchers and penetration testers are actively observing how malicious actors exploit hiring pipelines to infiltrate businesses. This blog highlights real-world tactics, including: Insider...

7.3AI score
Exploits0
Talos Blog
Talos Blog
added 2024/10/03 6:0 p.m.10 views

CISA is warning us (again) about the threat to critical infrastructure networks

Government-run water systems and other critical infrastructure are still at risk from state-sponsored actors, according to a renewed warning from the U.S. Cybersecurity and Infrastructure Security Agency. CISA released an advisory last week on the matter of days after a small water treatment...

7.6AI score
Exploits0
Talos Blog
Talos Blog
added 2024/08/05 12:0 p.m.11 views

Ryan Pentney reflects on 10 years of Talos and his many roles from the Sourcefire days

As the adage goes: "You dont know what you dont know." For Ryan Pentney and his team, they know what they dont know. And they wake up every morning trying to figure out how they can answer those questions about emerging threats and some of the largest state-sponsored actors in the world. Pentney ...

7AI score
Exploits0
CISA
CISA
added 2024/05/14 12:0 p.m.7 views

CISA and Partners Release Guidance for Civil Society Organizations on Mitigating Cyber Threats with Limited Resources

CISA, in partnership with the Department of Homeland Security DHS, the Federal Bureau of Investigation FBI and international partners, released Mitigating Cyber Threats with Limited Resources: Guidance for Civil Society. The joint guidance provides civil society organizations and individuals with...

7.1AI score
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2023/06/13 12:0 a.m.102 views

CVE-2023-27997

A heap-based buffer overflow vulnerability CWE-122 in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.4.12 and below, version 6.0.16 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below, version 1.2 all versions, version 1.1 all...

9.8CVSS10AI score0.85689EPSS
In wildExploits10References3
Rapid7 Blog
Rapid7 Blog
added 2022/12/02 9:45 p.m.14 views

Leaked Android Platform Certificates Create Risks for Users

On November 30, 2022, a Google apvi report from Łukasz Siewierski initially filed on November 11, 2022 was made public. The report contained 10 different platform certificates and malware sample SHA256 sums where the malware sample had been signed by a platform certificate — the application signi...

1.7AI score
Exploits0
The Hacker News
The Hacker News
added 2022/10/27 2:19 p.m.48 views

Researchers Expose Over 80 ShadowPad Malware C2 Servers

As many as 85 command-and-control C2 servers have been discovered supported by the ShadowPad malware since September 2021, with infrastructure detected as recently as October 16, 2022. That's according to VMware's Threat Analysis Unit TAU, which studied three ShadowPad variants using TCP, UDP, an...

7.1AI score
Exploits0
Talos Blog
Talos Blog
added 2022/10/20 6:0 p.m.27 views

Threat Source newsletter (Oct. 20, 2022) — Shields Up! No seriously, Shields Waaaaay Up

By Jon Munshaw. Welcome to this week’s edition of the Threat Source newsletter. I’m very excited about this video I’ve embedded below — it’s a project I’ve been working on with my team for a while now. Building off what I’ve written about in the past regarding fake news, this video examines what...

0.5AI score
Exploits0
Talos Blog
Talos Blog
added 2022/10/20 6:0 p.m.12 views

Threat Source newsletter (Oct. 20, 2022) — Shields Up! No seriously, Shields Waaaaay Up

By Jon Munshaw. Welcome to this weeks edition of the Threat Source newsletter. Im very excited about this video -- its a project Ive been working on with my team for a while now. Building off what Ive written about in the past regarding fake news, this video examines what essentially equates to t...

0.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/10/13 4:15 p.m.171 views

Chinese APT's favorite vulnerabilities revealed

In a joint cybersecurity advisory, the National Security Agency NSA, the Cybersecurity and Infrastructure Security Agency CISA, and the Federal Bureau of Investigation FBI have revealed the top CVEs used by state-sponsored threat actors from China. The advisory aims to "inform federal and state,...

10CVSS3.4AI score0.99999EPSS
Exploits963
Talos Blog
Talos Blog
added 2022/09/06 12:0 p.m.13 views

Researcher Spotlight: How Asheer Malhotra looks for ‘instant gratification’ in threat hunting

The India native has transitioned from a reverse-engineer hobbyist to a public speaker in just a few years By Jon Munshaw. Ninety percent of Asheer Malhotra’s work will never see the light of day. But it’s that 10 percent that keeps him motivated to keep looking for something new. The Talos...

0.4AI score
Exploits0
Talos Blog
Talos Blog
added 2022/08/25 6:0 p.m.46 views

Threat Source newsletter (Aug. 25, 2022) — We're still not talking about Ukraine enough

By Jon Munshaw. Welcome to this week’s edition of the Threat Source newsletter. Russia’s invasion of Ukraine was once the most talked about story in the world. Six months into the conflict, modern attention spans have moved on to other news stories. But Ukraine Independence Day yesterday should...

0.09785EPSS
Exploits0
Talos Blog
Talos Blog
added 2022/08/04 6:0 p.m.50 views

Threat Source newsletter (Aug. 4, 2022) — BlackHat 2022 preview

By Jon Munshaw. Welcome to this week’s edition of the Threat Source newsletter. After what seems like forever and honestly has been a really long time, we’re heading back to BlackHat in-person this year. We’re excited to see a lot of old friends again to commiserate, hang out, trade stories and...

0.9817EPSS
Exploits1
Talos Blog
Talos Blog
added 2022/07/21 12:0 p.m.377 views

Attackers target Ukraine using GoMet backdoor

Executive summary Since the Russian invasion of Ukraine began, Ukrainians have been under a nearly constant barrage of cyber attacks. Working jointly with Ukrainian organizations, Cisco Talos has discovered a fairly uncommon piece of malware targeting Ukraine — this time aimed at a large software...

10CVSS0.4AI score0.99999EPSS
Exploits69
ICS
ICS
added 2022/06/10 12:0 p.m.116 views

People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices

Summary Best Practices • Apply patches as soon as possible • Disable unnecessary ports and protocols • Replace end-of-life infrastructure • Implement a centralized patch management system This joint Cybersecurity Advisory describes the ways in which People’s Republic of China PRC state-sponsored...

10CVSS10AI score0.99999EPSS
Exploits140References117
The Hacker News
The Hacker News
added 2022/04/21 3:36 a.m.48 views

Five Eyes Nations Warn of Russian Cyber Attacks Against Critical Infrastructure

The Five Eyes nations have released a joint cybersecurity advisory warning of increased malicious attacks from Russian state-sponsored actors and criminal groups targeting critical infrastructure organizations amidst the ongoing military siege on Ukraine. "Evolving intelligence indicates that the...

1.3AI score
Exploits0
Imperva Blog
Imperva Blog
added 2022/03/23 3:1 p.m.10 views

CISA Warns CISOs to Brace for Attacks

The U.S. Cybersecurity and Infrastructure Security Agency CISA, a United States federal agency under the oversight of the Department of Homeland Security, is urging business leaders and those responsible for digital security to prepare for attacks and adapt their digital security posture. This is...

0.3AI score
Exploits0
The Hacker News
The Hacker News
added 2022/02/17 5:42 a.m.613 views

U.S. Says Russian Hackers Stealing Sensitive Data from Defense Contractors

State-sponsored actors backed by the Russian government regularly targeted the networks of several U.S. cleared defense contractors CDCs to acquire proprietary documents and other confidential information pertaining to the country's defense and intelligence programs and capabilities. The sustaine...

9.8CVSS0.8AI score0.99999EPSS
Exploits56
Rows per page
Query Builder