Lucene search
K
TalosblogRecent

2033 matches found

Talos Blog
Talos Blog
added 2022/03/04 8:9 a.m.16 views

Cisco stands on guard with our customers in Ukraine

As the Russia-led invasion intensifies, Ukraine is being attacked by bombs and bytes. Cisco is working around the clock on a global, company-wide effort to protect our customers there and ensure that nothing goes dark. Cisco Talos has taken the extraordinary step of directly operating security...

2.7AI score
Exploits0
Talos Blog
Talos Blog
added 2022/03/03 1:23 p.m.14 views

Talos on the developing situation in Ukraine

In the last month, Talos has seen a shift in activity in response to the unjust invasion of Ukraine. This post is meant to serve as our executive overview of the situation and provide you with the most up-to-date information and security content from Talos. As with any highly fluid or dynamic...

2.2AI score
Exploits0
Talos Blog
Talos Blog
added 2022/03/02 6:1 a.m.12 views

Crowd-sourced attacks present new risk of crisis escalation

By Matt Olney.An unpredictable and largely unknown set of actors present a threat to organizations, despite their sometimes unsophisticated techniques. Customers who are typically focused on top-tier, state-sponsored attacks should remain aware of these highly motivated threat actors, as... This ...

3.4AI score
Exploits0
Talos Blog
Talos Blog
added 2022/03/02 5:23 a.m.36 views

Threat Advisory: HermeticWiper

Update: March 1, 2022 Cisco Talos is aware of reporting related to additional components discovered to be associated with ongoing HermeticWiper attacks. These additional components include:HermeticWizard, which allows HermeticWiper to be propagated to and deployed on additional systems within...

1.6AI score
Exploits0
Talos Blog
Talos Blog
added 2022/03/01 6:42 a.m.13 views

Vulnerability Spotlight: Vulnerabilities in Lansweeper could lead to JavaScript, SQL injections

Marcin “Icewall” Noga of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered multiple vulnerabilities in the Lansweeper IT asset management solution that could allow an attacker to inject JavaScript or SQL code on the targeted... This is only the...

1.4AI score
Exploits0
Talos Blog
Talos Blog
added 2022/02/28 7:43 a.m.11 views

Vulnerability Spotlight: Vulnerabilities in Gerbv could lead to code execution, information disclosure

Claudio Bozzato of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered multiple vulnerabilities in the Gerbv file viewing software that could allow an attacker to execute arbitrary remote code or disclose sensitive information. Gerbv is an... This is...

2.6AI score
Exploits0
Talos Blog
Talos Blog
added 2022/02/25 11:44 a.m.10 views

Threat Roundup for February 18 to February 25

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Feb. 18 and Feb. 25. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral...

1AI score
Exploits0
Talos Blog
Talos Blog
added 2022/02/23 11:16 a.m.22 views

Time to secure hybrid work for 2022, not 2002

By Nick Biasini, with contributions from Vitor Ventura. Editor’s note: This post is the first in a new series from Talos looking at high-level topics across the cybersecurity space. Our researchers rely on years of expertise, data, and tremendous visibility; applying what we can learn from...

2.9AI score
Exploits0
Talos Blog
Talos Blog
added 2022/02/23 8:58 a.m.13 views

Vulnerability Spotlight: Buffer overflow vulnerabilities in Accusoft ImageGear could lead to code execution

Francesco Benvenuto and Emmanuel Tacheau of Cisco Talos and another team member discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered multiple vulnerabilities in Accusoft ImageGear. The ImageGear library is a document-imaging developer toolkit that... This is only...

1.8AI score
Exploits0
Talos Blog
Talos Blog
added 2022/02/18 2:33 p.m.13 views

Threat Roundup for February 11 to February 18

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Feb. 11 and Feb. 18. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral...

1AI score
Exploits0
Talos Blog
Talos Blog
added 2022/02/16 11:15 a.m.13 views

Vulnerability Spotlight: Vulnerability in Hancom Office could lead to memory corruption, code execution

Marcin “Icewall” Noga of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered a vulnerability in Hancom Office — a popular software suite in South Korea — that could allow an attacker to corrupt memory on the targeted machine or execute remote... This...

1.6AI score
Exploits0
Talos Blog
Talos Blog
added 2022/02/11 1:22 p.m.15 views

Vulnerability Spotlight: Vulnerabilities in Moxa MXView could allow attacker to view sensitive information, bypass login

Patrick DeSantis of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered two vulnerabilities in Moxa's MXview network management software that could allow an attacker to view sensitive data or bypass the need to log into the device. MXview... This is...

3.1AI score
Exploits0
Talos Blog
Talos Blog
added 2022/02/11 11:28 a.m.13 views

Threat Roundup for February 4 to February 11

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Feb. 4 and Feb. 11. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral...

1AI score
Exploits0
Talos Blog
Talos Blog
added 2022/02/11 9:7 a.m.14 views

Beers with Talos, Ep. #116: Let's wade into the MuddyWater filled with Vipers

Beers with Talos BWT Podcast episode No. 116 is now available. Download this episode and subscribe to Beers with Talos: Apple Podcasts Google Podcasts Spotify StitcherRecorded Feb. 4, 2022. If iTunes and Google Play aren't your thing, click here. Most people... This is only the beginning! Please...

2.1AI score
Exploits0
Talos Blog
Talos Blog
added 2022/02/09 5:6 a.m.15 views

What’s with the shared VBA code between Transparent Tribe and other threat actors?

By Vanja Svajcer and Vitor Ventura. Recently, we've been researching several threat actors operating in South Asia: Transparent Tribe, SideCopy, etc., that deploy a range of remote access trojans RATs. After a hunting session in our malware sample repositories and VirusTotal while looking into...

3.6AI score
Exploits0
Talos Blog
Talos Blog
added 2022/02/08 10:57 a.m.10 views

Microsoft Patch Tuesday for Feb. 2022 — Snort rules and prominent vulnerabilities

By Jon Munshaw and Chris Neal. Microsoft released its monthly security update Tuesday, disclosing 51 vulnerabilities across its large collection of hardware and software. None of the vulnerabilities disclosed this month are considered “critical,” an extreme rarity for the company’s... This is onl...

1AI score
Exploits0
Talos Blog
Talos Blog
added 2022/02/07 6:56 a.m.14 views

Iranian APT MuddyWater targets Turkish users via malicious PDFs, executables

By Asheer Malhotra and Vitor Ventura. Cisco Talos has observed a new campaign targeting Turkish private organizations alongside governmental institutions. Talos attributes this campaign with high confidence to MuddyWater — an APT group recently attributed to Iran's Ministry of Intelligence and...

3.2AI score
Exploits0
Talos Blog
Talos Blog
added 2022/02/07 6:56 a.m.15 views

Vulnerability Spotlight: Multiple vulnerabilities in Sealevel SeaConnect

Francesco Benvenuto and Matt Wiseman of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered several vulnerabilities in Sealevel Systems Inc.’s SeaConnect internet-of-things edge device — many of which could allow an attacker to conduct a... This is...

1.9AI score
Exploits0
Talos Blog
Talos Blog
added 2022/02/07 6:55 a.m.14 views

Vulnerability Spotlight: Use-after-free in Google Chrome could lead to code execution

Marcin Towalski of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered an exploitable use-after-free vulnerability in Google Chrome. Google Chrome is a cross-platform web browser — and Chromium is the open-source version of the browser... This is only t...

3AI score
Exploits0
Talos Blog
Talos Blog
added 2022/02/04 12:2 p.m.15 views

Threat Roundup for January 28 to February 4

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Jan. 28 and Feb. 4. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral...

1AI score
Exploits0
Talos Blog
Talos Blog
added 2022/02/02 5:4 a.m.17 views

Arid Viper APT targets Palestine with new wave of politically themed phishing attacks, malware

By Asheer Malhotra and Vitor Ventura. Cisco Talos has observed a new wave of Delphi malware called Micropsia developed and operated by the Arid Viper APT group since 2017.This campaign targets Palestinian entities and activists using politically themed lures.The latest iteration of the implant...

2.2AI score
Exploits0
Talos Blog
Talos Blog
added 2022/01/31 6:43 a.m.18 views

Vulnerability Spotlight: Memory corruption and use-after-free vulnerabilities in Foxit PDF Reader

Aleksandar Nikolic of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered a memory corruption and use-after-free vulnerability in the Foxit PDF Reader. Foxit PDF Reader is one of the most popular PDF document readers currently... This is only the...

1.7AI score
Exploits0
Talos Blog
Talos Blog
added 2022/01/28 12:21 p.m.11 views

Threat Roundup for January 21 to January 28

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Jan. 21 and Jan. 28. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral...

1AI score
Exploits0
Talos Blog
Talos Blog
added 2022/01/27 11:0 a.m.12 views

Threat Source Newsletter (Jan. 27, 2022)

Newsletter compiled by Jon Munshaw.Good afternoon, Talos readers. It's great to have New Year's resolutions and all. But we don't want you taking the wrong lessons away from 2021, either. Like just because Log4j happened doesn't mean you should stop logging or stop using open-source... This is on...

1.8AI score
Exploits0
Talos Blog
Talos Blog
added 2022/01/27 8:12 a.m.12 views

Beers with Talos, Ep. #115: Everybody's measured by quarters — even threat actors

Beers with Talos BWT Podcast episode No. 115 is now available. Download this episode and subscribe to Beers with Talos: Apple Podcasts Google Podcasts Spotify StitcherRecorded Jan. 14, 2022. If iTunes and Google Play aren't your thing, click here. We wanted... This is only the beginning! Please...

1.7AI score
Exploits0
Talos Blog
Talos Blog
added 2022/01/26 1:9 p.m.14 views

Vulnerability Spotlight: WiFi-connected security camera could be manipulated to spy on communications, among other malicious actions

Francesco Benvenuto of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered several vulnerabilities in the Reolink RLC-410W security camera that could allow an attacker to perform several malicious actions, including performing man-in-the-middle... Th...

1.2AI score
Exploits0
Talos Blog
Talos Blog
added 2022/01/25 9:31 a.m.21 views

Vulnerability Spotlight: Vulnerability in Apple iOS, iPad OS and MacOS could lead to disclosure of sensitive memory data

Jaewon Min of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered an out-of-bounds read vulnerability in Apple’s macOS and iOS operating systems that could lead to the disclosure of sensitive memory content. An attacker could capitalize on that... Th...

1.8AI score
Exploits0
Talos Blog
Talos Blog
added 2022/01/24 8:4 a.m.12 views

Ukraine Campaign Delivers Defacement and Wipers, in Continued Escalation

Authored by Nick Biasini, Michael Chen, Chris Neal, and Matt Olney with Contributions from Dmytro Korzhevin. Several cyber attacks against Ukrainian government websites — including website defacements and destructive wiper malware — have made headlines over the past few weeks as military... This ...

3.2AI score
Exploits0
Talos Blog
Talos Blog
added 2022/01/22 5:45 a.m.11 views

Talos Incident Response year-in-review for 2021

By David Liebenberg. Cisco Talos Incident Response CTIR, as with everyone else in the cybersecurity world, dealt with a bevy of threats last year, as responders dealt with an expanding set of ransomware adversaries and several major cybersecurity incidents affecting organizations worldwide,... Th...

2.4AI score
Exploits0
Talos Blog
Talos Blog
added 2022/01/21 11:38 a.m.12 views

Threat Roundup for January 14 to January 21

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Jan. 14 and Jan. 21. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral...

1AI score
Exploits0
Talos Blog
Talos Blog
added 2022/01/20 11:0 a.m.12 views

Threat Source Newsletter (Jan. 20, 2022)

Newsletter compiled by Jon Munshaw.Good afternoon, Talos readers. Even though we're nearly a month into 2022, we're still not quite ready to move on from 2021. That's why next week, we'll be going live on social media to talk about some of the top cybersecurity stories from the past... This is on...

3.8AI score
Exploits0
Talos Blog
Talos Blog
added 2022/01/14 2:20 p.m.12 views

Threat Roundup for January 7 to January 14

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Jan. 7 and Jan. 14. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral...

1AI score
Exploits0
Talos Blog
Talos Blog
added 2022/01/14 7:16 a.m.15 views

Talos Takes Ep. #82: Log4j followed us in 2022

By Jon Munshaw. The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. It's a new year, but unfortunately, we're facing the same cybersecurity problems. Log4j followed us into the holidays,...

2AI score
Exploits0
Talos Blog
Talos Blog
added 2022/01/13 11:0 a.m.9 views

Threat Source Newsletter (Jan. 13, 2022)

Newsletter compiled by Jon Munshaw.Good afternoon, Talos readers. Move out of the way, Log4j! Traditional malware is back with a bang in 2022. While Log4j is likely still occupying many defenders' minds, the bad guys are still out there doing not-Log4j things. We have new research out... This is...

2.9AI score
Exploits0
Talos Blog
Talos Blog
added 2022/01/13 8:12 a.m.12 views

Beers with Talos, Ep. #114: And then there were two...

Beers with Talos BWT Podcast episode No. 114 is now available. Download this episode and subscribe to Beers with Talos: Apple Podcasts Google Podcasts Spotify StitcherRecorded Dec. 9, 2021. If iTunes and Google Play aren't your thing, click here. We joked... This is only the beginning! Please vis...

2.6AI score
Exploits0
Talos Blog
Talos Blog
added 2022/01/12 5:2 a.m.13 views

Nanocore, Netwire and AsyncRAT spreading campaign uses public cloud infrastructure

By Chetan Raghuprasad and Vanja Svajcer. Cisco Talos discovered a malicious campaign in October 2021 delivering variants of Nanocore, Netwire and AsyncRATs targeting user's information. According to Cisco Secure product telemetry, the victims of this campaign are primarily distributed across the...

2.1AI score
Exploits0
Talos Blog
Talos Blog
added 2022/01/11 2:12 p.m.13 views

Microsoft Patch Tuesday for Jan. 2022 — Snort rules and prominent vulnerabilities

By Jon Munshaw and Vitor Ventura. Microsoft released its monthly security update Tuesday, disclosing 102 vulnerabilities across its large collection of hardware and software. This is the largest amount of vulnerabilities Microsoft has disclosed in a monthly security update in eight months,... Thi...

0.8AI score
Exploits0
Talos Blog
Talos Blog
added 2022/01/11 9:9 a.m.12 views

Vulnerability Spotlight: Two vulnerabilities in Adobe Acrobat DC could lead to arbitrary code execution

Aleksandar Nikolic of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered two vulnerabilities in Adobe Acrobat Reader DC that could allow an attacker to eventually gain the ability to execute arbitrary code. Acrobat is one of the most... This is only...

2.8AI score
Exploits0
Talos Blog
Talos Blog
added 2022/01/11 7:7 a.m.12 views

Vulnerability Spotlight: Heap buffer overflow condition in Google Chrome could lead to code execution

Marcin Towalski of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered an exploitable heap-based buffer overflow vulnerability in Google Chrome. Google Chrome is a cross-platform web browser — and Chromium is the open-source version of... This is only t...

1.6AI score
Exploits0
Talos Blog
Talos Blog
added 2022/01/11 5:29 a.m.14 views

Vulnerability Spotlight: Buffer overflow vulnerability in AnyCubic Chitubox plugin

Carl Hurd of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered an exploitable heap-based buffer overflow vulnerability in the Chitubox AnyCubic plugin. Chitubox is 3-D printing software for users to download and process models and send them... This is...

1.6AI score
Exploits0
Talos Blog
Talos Blog
added 2022/01/07 1:41 p.m.12 views

Threat Roundup for December 31 to January 7

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Dec. 31 and Jan. 7. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral...

1.1AI score
Exploits0
Talos Blog
Talos Blog
added 2022/01/06 11:0 a.m.12 views

Threat Source Newsletter (Jan. 6, 2022)

Newsletter compiled by Jon Munshaw.Good afternoon, Talos readers. We hope everyone had some well-deserved, relaxing time off over the holidays. Unfortunately, we are all back now and Log4j is still an issue. And even though it seems like Log4j has already been in the news for a year,... This is...

2.1AI score
Exploits0
Talos Blog
Talos Blog
added 2022/01/06 10:45 a.m.35 views

Threat Advisory: Critical Apache Log4j vulnerability being exploited in the wild

Update History Date Description of UpdatesDec. 20, 2021Additional coverage and IOCs; additional detection capabilities for customers via Cisco Global Threat Alerts. Dec. 18, 2021Additional mitigation guidance; updated coverage information. Dec. 17, 2021Added additional vulnerability and... This i...

2.3AI score
Exploits0
Talos Blog
Talos Blog
added 2021/12/27 6:0 a.m.15 views

2021: Looking back on the year in malware and cyber attacks, from SolarWinds to Log4j

By Jon Munshaw. It seems like we were just recovering from the aftermath of the massive SolarWinds campaign a month or two ago. And now suddenly, it’s been a year since one of the largest cyber attacks in history and moving onto another threat that could last for years. That just seemed to be...

3AI score
Exploits0
Talos Blog
Talos Blog
added 2021/12/21 7:21 a.m.8 views

Vulnerability Spotlight: Vulnerabilities in DaVinci Resolve video editing software could lead to code execution

A Cisco Talos team member discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered two vulnerabilities in the DaVinci Resolve video editing software that could allow an adversary to execute code in the context of the application. DaVinci Resolve is a... This is only...

2.6AI score
Exploits0
Talos Blog
Talos Blog
added 2021/12/20 10:13 a.m.15 views

Vulnerability Spotlight: Vulnerabilities in metal detector peripheral could allow attackers to manipulate security devices

Matt Wiseman of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered multiple vulnerabilities in a device from Garrett Metal Detectors that could allow remote attackers to bypass authentication requirements, manipulate metal detector... This is only t...

3.4AI score
Exploits0
Talos Blog
Talos Blog
added 2021/12/16 11:26 a.m.15 views

Threat Source Newsletter (Dec. 16, 2021)

Newsletter compiled by Jon Munshaw.Good afternoon, Talos readers. I'm just going to cut to the chase since I know all anyone wants to read about is Log4J. For the latest Talos research, continually check back on our blog post here. Above is the live stream we recorded Monday morning... This is on...

3.8AI score
Exploits0
Talos Blog
Talos Blog
added 2021/12/15 9:2 a.m.15 views

Beers with Talos, Ep. #112: A new host approaches!

Beers with Talos BWT Podcast episode No. 112 is now available. Download this episode and subscribe to Beers with Talos: Apple Podcasts Google Podcasts Spotify StitcherIf iTunes and Google Play aren't your thing, click here. We promised it wouldn't be long... This is only the beginning! Please vis...

1AI score
Exploits0
Talos Blog
Talos Blog
added 2021/12/10 1:17 p.m.11 views

Threat Roundup for December 3 to December 10

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Dec. 3 and Dec. 10. As with previous roundups, this post isn't meant tobifj be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral... This is...

1.2AI score
Exploits0
Talos Blog
Talos Blog
added 2021/12/10 11:30 a.m.13 views

Talos Takes Ep. #80: I'll have a blue Christmas without a CTIR retainer

By Jon Munshaw. The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. It's the holiday season, which means last-minute shopping, family time and cheer. Oh, and it's never a bad time to... This...

0.4AI score
Exploits0
Total number of security vulnerabilities2033