Lucene search
K
TalosblogRecent

2032 matches found

Talos Blog
Talos Blog
added 2022/12/08 4:3 p.m.15 views

2022 Year in Review Livestream

Did you miss our livestream focused on the Ukraine topics presented in the Cisco Talos Year in Review report? Join host Hazel Burton and special guests Kendall McKay, Nick Randolph, and Vanja Svajcer as they discuss Talos now-years-long critical infrastructure effort in Ukraine. Their breifing...

0.3AI score
Exploits0
Talos Blog
Talos Blog
added 2022/12/08 3:38 p.m.11 views

TEST-2022 Talos Year in Review Report-TEST

...

2.1AI score
Exploits0
Talos Blog
Talos Blog
added 2022/12/07 6:50 p.m.26 views

Vulnerability Spotlight: Memory corruption vulnerability discovered in PowerISO

Piotr Bania of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered a memory corruption vulnerability in PowerISO. TALOS-2022-1644 CVE-2022-41992 is a memory corruption vulnerability that exists in the VHD File Format parsing functionality of PowerISO 8.3. A specially crafte...

2.3AI score0.00469EPSS
Exploits1
Talos Blog
Talos Blog
added 2022/12/06 4:9 p.m.40 views

Vulnerability Spotlight: NVIDIA driver memory corruption vulnerabilities discovered

Piotr Bania of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered two memory corruption vulnerabilities in shader functionality of an NVIDIA driver. NVIDIA Graphics drivers are software for NVIDIA Graphics GPU installed on the PC. They are used to communicate between th...

1.5AI score0.01387EPSS
Exploits0
Talos Blog
Talos Blog
added 2022/12/02 3:45 p.m.10 views

Protecting major events: an incident response blueprint

The cyber security of major events, whether they are related to sports, professional conferences, expos or other events can be a time-consuming, complex undertaking. It necessitates a multifaceted approach and the involvement of multiple entities, including but not limited to the vendors,...

0.9AI score
Exploits0
Talos Blog
Talos Blog
added 2022/12/01 3:47 p.m.28 views

Vulnerability Spotlight: Lansweeper directory traversal and cross-site scripting vulnerabilities

Marcin Icewall Noga of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered several directory traversal and cross-site scripting vulnerabilities in Lansweeper. Lansweeper is an IT Asset Management solution that gathers hardware and software information of computers and...

0.1AI score0.60199EPSS
Exploits5
Talos Blog
Talos Blog
added 2022/11/29 1:0 p.m.16 views

Researcher Spotlight: How working for Talos started out as an ‘accident’ for Ashlee Benge before coming a second career

Talos lead of data strategy and insights has a lot of weight on her shoulders currently, but its nothing shes not used to Most people who first meet Ashlee Benge do a double take when they hear about her past experience. The average security practitioner at a networking event may share that they...

7.2AI score
Exploits0
Talos Blog
Talos Blog
added 2022/11/22 3:56 p.m.24 views

Vulnerability Spotlight: Callback Technologies CBFS Filter denial-of-service vulnerabilities

Emmanuel Tacheau of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered three denial-of-service vulnerabilities in Callback Technologies CBFS Filter. Callback Technologies has a CBFS file storage solution for use in customizing data persistence on devices. To accompany...

1.5AI score0.00329EPSS
Exploits3
Talos Blog
Talos Blog
added 2022/11/18 5:42 p.m.21 views

Threat Round up for November 11 to 18

Today, Talos is publishing a glimpse into the most prevalent threats weve observed between Nov. 11 and Nov. 18. As with previous roundups, this post isnt meant to be an in-depth analysis. Instead, this post will summarize the threats weve observed by highlighting key behavioral characteristics,...

7.1AI score
Exploits0
Talos Blog
Talos Blog
added 2022/11/17 7:1 p.m.40 views

Threat Source newsletter (Nov. 17, 2022): Hot off the press! The Snort 2023 Calendar is here

Welcome to this weeks edition of the Threat Source newsletter. Its everyones favorite time of year again and no, I dont mean the impending holidays. The Snort 2023 calendar is finally here, and yall, its a good one. Packed full of classic memes and punny Snorties, the calendar is sure to delight...

4.9AI score0.00834EPSS
Exploits0
Talos Blog
Talos Blog
added 2022/11/17 1:1 p.m.17 views

Get a Loda This: LodaRAT meets new friends

LodaRAT samples were deployed alongside other malware families, including RedLine and Neshta. Cisco Talos identified several variants and altered versions of LodaRAT with updated functionality have been seen in the wild. Changes in these LodaRAT variants include new functionality allowing...

0.9AI score
Exploits0
Talos Blog
Talos Blog
added 2022/11/15 9:9 p.m.30 views

Vulnerability Spotlight: Microsoft Office class attribute double-free vulnerability

Marcin Icewall Noga of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered a class attribute double-free vulnerability in Microsoft Office. Microsoft Office is a suite of tools used for productivity in both a corporate environment as well as by end-users. It offers a ran...

2AI score0.02224EPSS
Exploits0
Talos Blog
Talos Blog
added 2022/11/10 9:31 p.m.22 views

Threat Source newsletter (Nov. 10, 2022): Vulnerability research, movies in class, and Emotet once again

Welcome to this weeks edition of the Threat Source newsletter. Tuesday was an absolute hammer for the infosec community. Not only did we have the US elections but we had Emotet returning and a regular Microsoft Tuesday release. That release always leads me to think about the bug hunting ecosystem...

Exploits0
Talos Blog
Talos Blog
added 2022/11/10 8:27 p.m.35 views

Vulnerability Spotlight: Use-after-free vulnerabilities in Foxit Reader could lead to arbitrary code execution

Aleksandar Nikolic of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered several use-after-free vulnerabilities in Foxit Reader that could lead to arbitrary code execution. The Foxit Reader is one of the most popular PDF document readers, which aims to have feature pari...

1.5AI score0.0135EPSS
Exploits3
Talos Blog
Talos Blog
added 2022/11/09 1:0 p.m.15 views

Threat Spotlight: Cyber Criminal Adoption of IPFS for Phishing, Malware Campaigns

The InterPlanetary File System IPFS is an emerging Web3 technology that is currently seeing widespread abuse by threat actors. Cisco Talos has observed multiple ongoing campaigns that leverage the IPFS network to host their malware payloads and phishing kit infrastructure while facilitating other...

Exploits0
Talos Blog
Talos Blog
added 2022/11/08 6:22 p.m.246 views

Microsoft Patch Tuesday for November 2022 — Snort rules and prominent vulnerabilities

Microsoft released its monthly security update on Tuesday, disclosing 62 vulnerabilities. Of these vulnerabilities, 8 are classified as "Critical" and the rest are classified as "Important." Three of the critical entries are remote code execution RCE vulnerabilities for Windows Point-to-Point...

1AI score0.77326EPSS
Exploits4
Talos Blog
Talos Blog
added 2022/11/08 4:38 p.m.19 views

Emotet coming in hot

Emotet is a ubiquitous and well-known banking trojan that has evolved over the years to become a very successful modular botnet capable of dropping a variety of other threats. Even after a global takedown campaign in early 2021 disrupted the botnet, it reemerged later that year, rebuilding its...

7.6AI score
Exploits0
Talos Blog
Talos Blog
added 2022/11/08 2:33 p.m.22 views

The Company You Keep – Preparing for supply chain attacks with Talos IR

Given the increasing frequency of supply chain attacks, the sophistication of those attacks, and the expansion of the attack surface beyond an organizations direct control, incident preparedness and response activities must be considered in the overall supply chain risk mitigation strategy. Suppl...

7.1AI score
Exploits0
Talos Blog
Talos Blog
added 2022/11/04 7:23 p.m.42 views

Threat Roundup for October 28 to November 4

Today, Talos is publishing a glimpse into the most prevalent threats weve observed between Oct. 28 and Nov. 4. As with previous roundups, this post isnt meant to be an in-depth analysis. Instead, this post will summarize the threats weve observed by highlighting key behavioral characteristics,...

0.1AI score
Exploits0
Talos Blog
Talos Blog
added 2022/11/03 8:48 p.m.50 views

Threat Source newsletter (Nov. 3, 2022): Mastodon, evolution, and LiveJournal oh my!

Welcome to this weeks edition of the Threat Source newsletter. Im fascinated by how things live and die on the internet. Things that are ubiquitous to our daily lives are simply gone the next. LiveJournal and Myspace we hardly knew you. Elon Musks purchase of Twitter and the subsequent exodus led...

8.5AI score0.9077EPSS
Exploits6
Talos Blog
Talos Blog
added 2022/11/01 7:3 p.m.70 views

Threat Advisory: High Severity OpenSSL Vulnerabilities

In late October two new buffer overflow vulnerabilities, CVE-2022-3602 and CVE-2022-3786, were announced in OpenSSL versions 3.0.0 to 3.0.6. These vulnerabilities can be exploited by sending an X.509 certificate with a specially crafted email address, potentially causing a buffer overflow resulti...

1.7AI score0.92488EPSS
Exploits6
Talos Blog
Talos Blog
added 2022/10/31 6:59 p.m.14 views

Researcher Spotlight: How Azim Khodjibaev went from hunting real-world threats to threats on the dark web

A case study in why cybersecurity experience is not a prerequisite to work in security Azim Khodjibaev knows all sides of the "security" industry. That doesnt just cover cybersecurity, either -- he spent the first part of his career ensuring the physical safety of civilians and military personnel...

7.1AI score
Exploits0
Talos Blog
Talos Blog
added 2022/10/28 7:12 p.m.35 views

Threat Roundup for October 21 to October 28

Today, Talos is publishing a glimpse into the most prevalent threats weve observed between Oct. 21 and Oct. 28. As with previous roundups, this post isnt meant to be an in-depth analysis. Instead, this post will summarize the threats weve observed by highlighting key behavioral characteristics,...

0.1AI score
Exploits0
Talos Blog
Talos Blog
added 2022/10/28 1:3 p.m.16 views

See Yourself in Cyber: A Cybersecurity Awareness Month recap

As yet another October comes to an end, so does another Cybersecurity Awareness Month. Since 2004 when the President of the United States and Congress declared October Cybersecurity Awareness Month, weve taken the time to share our cybersecurity knowledge with the broader general public year afte...

7AI score
Exploits0
Talos Blog
Talos Blog
added 2022/10/27 6:0 p.m.44 views

Threat Source newsletter (Oct. 27, 2022): I thought we were already aware of supply chain attacks?

Welcome to this weeks edition of the Threat Source newsletter. There are plenty of jokes about whether were "aware" of cybersecurity during National Cybersecurity Awareness Month. But now Im wondering if people are aware of supply chain attacks. I thought we hit the pinnacle of supply chain attac...

7.9AI score0.05557EPSS
Exploits0
Talos Blog
Talos Blog
added 2022/10/27 3:4 p.m.44 views

Vulnerability Spotlight: Vulnerabilities in InHand router could give attackers access to console, delete files

Francesco Benvenuto of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered several vulnerabilities in InHand Networks InRouter302 that could allow an attacker to access the routers console and make changes to the routers settings, including security protocols. The InRout...

0.9AI score0.01487EPSS
Exploits4
Talos Blog
Talos Blog
added 2022/10/25 12:0 p.m.66 views

Quarterly Report: Incident Response Trends in Q3 2022

Ransomware and pre-ransomware engagements make up 40 percent of threats seen this quarter For the first time since compiling these reports, Cisco Talos Incident Response saw an equal number of ransomware and pre-ransomware engagements, making up nearly 40 percent of threats this quarter. It can b...

9.3CVSS0.6AI score0.99999EPSS
Exploits428
Talos Blog
Talos Blog
added 2022/10/25 12:0 p.m.72 views

Quarterly Report: Incident Response Trends in Q3 2022

Ransomware and pre-ransomware engagements make up 40 percent of threats seen this quarter By Caitlin Huey. For the first time since compiling these reports, Cisco Talos Incident Response saw an equal number of ransomware and pre-ransomware engagements, making up nearly 40 percent of threats this...

9.3CVSS0.6AI score0.99999EPSS
Exploits428
Talos Blog
Talos Blog
added 2022/10/21 7:50 p.m.25 views

Threat Roundup for October 14 to October 21

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Oct. 14 and Oct. 21. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics...

7AI score
Exploits0
Talos Blog
Talos Blog
added 2022/10/20 6:0 p.m.27 views

Threat Source newsletter (Oct. 20, 2022) — Shields Up! No seriously, Shields Waaaaay Up

By Jon Munshaw. Welcome to this week’s edition of the Threat Source newsletter. I’m very excited about this video I’ve embedded below — it’s a project I’ve been working on with my team for a while now. Building off what I’ve written about in the past regarding fake news, this video examines what...

0.5AI score
Exploits0
Talos Blog
Talos Blog
added 2022/10/20 6:0 p.m.12 views

Threat Source newsletter (Oct. 20, 2022) — Shields Up! No seriously, Shields Waaaaay Up

By Jon Munshaw. Welcome to this weeks edition of the Threat Source newsletter. Im very excited about this video -- its a project Ive been working on with my team for a while now. Building off what Ive written about in the past regarding fake news, this video examines what essentially equates to t...

0.5AI score
Exploits0
Talos Blog
Talos Blog
added 2022/10/20 1:27 p.m.33 views

Vulnerability Spotlight: Vulnerabilities in Abode Systems home security kit could allow attacker to take over cameras, remotely disable them

Matt Wiseman of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered several vulnerabilities in the Abode Systems iota All-In-One Security Kit. This kit includes a main security camera and hub that can alert users of unwanted movement in their homes. It also includes...

1.2AI score0.05332EPSS
Exploits22
Talos Blog
Talos Blog
added 2022/10/20 1:27 p.m.35 views

Vulnerability Spotlight: Vulnerabilities in Abode Systems home security kit could allow attacker to take over cameras, remotely disable them

Matt Wiseman of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered several vulnerabilities in the Abode Systems iota All-In-One Security Kit. This kit includes a main security camera and hub that can alert users of unwanted movement in their homes. ...

1.2AI score0.05332EPSS
Exploits22
Talos Blog
Talos Blog
added 2022/10/18 12:0 p.m.18 views

The benefits of taking an intent-based approach to detecting Business Email Compromise

By Abhishek Singh. BEC is a multi-stage attack. Adversaries first identify targets, then they establish rapport with the victim before exploiting them for whatever their end goal is. In the case of BEC, a threat actor can impersonate any employee in the organization to trick targets. A policy tha...

6.8AI score
Exploits0
Talos Blog
Talos Blog
added 2022/10/18 12:0 p.m.18 views

The benefits of taking an intent-based approach to detecting Business Email Compromise

BEC is a multi-stage attack. Adversaries first identify targets, then they establish rapport with the victim before exploiting them for whatever their end goal is. In the case of BEC, a threat actor can impersonate any employee in the organization to trick targets. A policy that checks for...

6.8AI score
Exploits0
Talos Blog
Talos Blog
added 2022/10/14 7:20 p.m.21 views

Threat Roundup for October 7 to October 14

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Oct. 7 and Oct. 14. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...

6.8AI score
Exploits0
Talos Blog
Talos Blog
added 2022/10/14 1:2 p.m.15 views

Video: How propaganda can spread on social media via memes, fake news

Cisco Talos is well-known for its work in spotting and defeating fake news, disinformation and misinformation. And state-sponsored actors, unwitting social media users and even direct government agencies have played a part in spreading fake news during Russia's invasion of Ukraine. In this video,...

2.9AI score
Exploits0
Talos Blog
Talos Blog
added 2022/10/14 1:2 p.m.14 views

Video: How propaganda can spread on social media via memes, fake news

Cisco Talos is well-known for its work in spotting and defeating fake news, disinformation and misinformation. And state-sponsored actors, unwitting social media users and even direct government agencies have played a part in spreading fake news during Russias invasion of Ukraine. In this video,...

2.9AI score
Exploits0
Talos Blog
Talos Blog
added 2022/10/13 6:0 p.m.44 views

Threat Source newsletter (Oct. 13, 2022) — Cybersecurity Awareness Month is all fun and memes until someone gets hurt

By Jon Munshaw. Welcome to this week’s edition of the Threat Source newsletter. October is National Cybersecurity Awareness Month. Which, if you’ve been on social media at all the past 13 days or read any cybersecurity news website, you surely know already. As it does every year, I saw...

9.3AI score0.02618EPSS
Exploits0
Talos Blog
Talos Blog
added 2022/10/13 12:0 p.m.48 views

Alchimist: A new attack framework in Chinese for Mac, Linux and Windows

By Chetan Raghuprasad, Asheer Malhotra and Vitor Ventura, with contributions from Matt Thaxton. Cisco Talos discovered a new attack framework including a command and control C2 tool called "Alchimist" and a new malware "Insekt" with remote administration capabilities. The Alchimist has a web...

7.2CVSS0.4AI score0.94921EPSS
Exploits151
Talos Blog
Talos Blog
added 2022/10/13 12:0 p.m.46 views

Alchimist: A new attack framework in Chinese for Mac, Linux and Windows

Contributions from Matt Thaxton. Cisco Talos discovered a new attack framework including a command and control C2 tool called "Alchimist" and a new malware "Insekt" with remote administration capabilities. The Alchimist has a web interface in Simplified Chinese with remote administration features...

7.2CVSS0.3AI score0.94921EPSS
Exploits151
Talos Blog
Talos Blog
added 2022/10/12 7:33 p.m.50 views

Vulnerability Spotlight: Multiple issues in Robustel R1510 cellular router could lead to code execution, denial of service

Francesco Benvenuto of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered nine vulnerabilities in the Robustel R1510 industrial cellular router, several of which could allow an adversary to inject operating system code remotely. The Robustel R1510 router is a...

7.5CVSS1.1AI score0.35165EPSS
Exploits12
Talos Blog
Talos Blog
added 2022/10/12 7:33 p.m.64 views

Vulnerability Spotlight: Multiple issues in Robustel R1510 cellular router could lead to code execution, denial of service

Francesco Benvenuto of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered nine vulnerabilities in the Robustel R1510 industrial cellular router, several of which could allow an adversary to inject operating system code remotely. The Robustel R1510...

7.5CVSS1AI score0.35165EPSS
Exploits12
Talos Blog
Talos Blog
added 2022/10/11 6:11 p.m.367 views

Microsoft Patch Tuesday for October 2022 — Snort rules and prominent vulnerabilities

By Jon Munshaw and Vanja Svajcer. Microsoft released its monthly security update Tuesday, disclosing 83 vulnerabilities across the company’s hardware and software line, including seven critical issues in Windows’ point-to-point tunneling protocol. October's security update features 11 critical...

0.02618EPSS
Exploits4
Talos Blog
Talos Blog
added 2022/10/11 6:1 p.m.55 views

Microsoft Patch Tuesday for October 2022 — Snort rules and prominent vulnerabilities

Microsoft released its monthly security update Tuesday, disclosing 83 vulnerabilities across the companys hardware and software line, including seven critical issues in Windows point-to-point tunneling protocol. Octobers security update features 11 critical vulnerabilities, with the remainder bei...

0.02618EPSS
Exploits4
Talos Blog
Talos Blog
added 2022/10/11 2:21 p.m.36 views

Vulnerability Spotlight: Data deserialization in VMware vCenter could lead to remote code execution

Marcin "Icewall" Noga of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered an exploitable data deserialization vulnerability in the VMware vCenter server platform. VMware is one of the most popular virtual machine solutions currently available, and its vCenter software...

1.6AI score0.33064EPSS
Exploits1
Talos Blog
Talos Blog
added 2022/10/10 2:21 p.m.38 views

Vulnerability Spotlight: Data deserialization in VMware vCenter could lead to remote code execution

Marcin “Icewall” Noga of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered an exploitable data deserialization vulnerability in the VMware vCenter server platform. VMware is one of the most popular virtual machine solutions currently available, and it...

1.4AI score0.33064EPSS
Exploits1
Talos Blog
Talos Blog
added 2022/10/07 9:38 p.m.22 views

Threat Roundup for September 30 to October 7

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Sept. 30 and Oct. 7. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics...

6.9AI score
Exploits0
Talos Blog
Talos Blog
added 2022/10/07 9:5 p.m.16 views

Threat Roundup for September 30 to October 7

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Sept. 30 and Oct. 7. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics...

6.9AI score
Exploits0
Talos Blog
Talos Blog
added 2022/10/07 2:11 p.m.28 views

Vulnerability Spotlight: Issue in Hancom Office 2020 could lead to code execution

Marcin “Icewall” Noga of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered an exploitable memory corruption vulnerability in Hancom Office 2020. Hancom Office is a popular software collection among South Korean users that offers similar products to...

0.9AI score0.00499EPSS
Exploits1
Total number of security vulnerabilities2032