Lucene search
K
TalosblogRecent

2032 matches found

Talos Blog
Talos Blog
added 2021/06/08 10:43 a.m.17 views

Microsoft Patch Tuesday for June 2021 — Snort rules and prominent vulnerabilities

By Jon Munshaw, with contributions from Edmund Brumaghin. Microsoft released its monthly security update Tuesday, disclosing 51 vulnerabilities across its suite of products, breaking last month’s 16-month record of the fewest vulnerabilities disclosed in a month by the company. There... This is...

1.5AI score
Exploits0
Talos Blog
Talos Blog
added 2021/06/08 6:11 a.m.45 views

Vulnerability Spotlight: Use-after-free vulnerability in WebKit

Marcin Towalski of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. The WebKit browser engine contains a use-after-free vulnerability in its GraphicsContext function. A malicious web page code could trigger a use-after-free error, which could lead to a potential information...

2AI score
Exploits0
Talos Blog
Talos Blog
added 2021/06/07 6:52 a.m.57 views

Necro Python bot adds new exploits and Tezos mining to its bag of tricks

By Vanja Svajcer, with contributions from Caitlin Huey and Kendall McKay. News summarySome malware families stay static in terms of their functionality. But a newly discovered malware campaign utilizing the Necro Python bot shows this actor is adding new functionality and improving its chances...

0.9AI score
Exploits0
Talos Blog
Talos Blog
added 2021/06/07 5:2 a.m.36 views

Intelligence-driven disruption of ransomware campaigns

By Neil Jenkins and Matthew Olney. Note: Our guest co-author, Neil Jenkins, is the Chief Analytic Officer at the Cyber Threat Alliance. He leads the CTA's analytic efforts, focusing on the development of threat profiles, adversary playbooks and other analysis using the threat intelligence in the...

3AI score
Exploits0
Talos Blog
Talos Blog
added 2021/06/04 11:11 a.m.20 views

Threat Roundup for May 28 to June 4

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between May 28 and June 4. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...

1.1AI score
Exploits0
Talos Blog
Talos Blog
added 2021/06/03 11:0 a.m.44 views

Threat Source newsletter (June 3, 2021)

Newsletter compiled by Jon Munshaw.Good afternoon, Talos readers. If you didn't catch us live yesterday, we've uploaded the full version of our stream on Discord and Slack malware to our YouTube page. Chris Neal from Talos Outreach walked through his recent research into these campaigns... This i...

2.7AI score
Exploits0
Talos Blog
Talos Blog
added 2021/06/02 7:4 a.m.51 views

Vulnerability Spotlight: A deep dive into macOS SMB server

By Aleksandar Nikolich.Executive summary Cisco Talos recently discovered multiple vulnerabilities in macOS’s implementation of SMB server. An adversary could exploit these vulnerabilities to carry out a variety of malicious actions, including revealing sensitive information on the server,...

2.2AI score
Exploits0
Talos Blog
Talos Blog
added 2021/06/02 5:23 a.m.45 views

Vulnerability Spotlight: Multiple vulnerabilities in Accusoft ImageGear

Emmanuel Tacheau of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered multiple vulnerabilities in Accusoft ImageGear. The ImageGear library is a document-imaging developer toolkit that allows users to create, edit, annotate and convert various...

1.8AI score
Exploits0
Talos Blog
Talos Blog
added 2021/05/28 9:32 a.m.34 views

Threat Roundup for May 21 to May 28

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between May 21 and May 28. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...

1AI score
Exploits0
Talos Blog
Talos Blog
added 2021/05/28 7:30 a.m.40 views

Talos Takes Ep. #55: How Transparent Tribe could evolve in the future

By Jon Munshaw. The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. We recently covered how the Transparent Tribe APT added another RAT to its arsenal. Where might they go from here? In...

1.8AI score
Exploits0
Talos Blog
Talos Blog
added 2021/05/27 11:0 a.m.33 views

Threat Source newsletter (May 27, 2021)

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. We're used to referring to attackers as either APTs or not APTs. And when something is an APT, it sounds a lot scarier and sexier. But it's our belief that that isn't going to cut it anymore. Therefore, we propose in a... This is...

2.6AI score
Exploits0
Talos Blog
Talos Blog
added 2021/05/26 7:16 a.m.41 views

Elizabethan England has nothing on modern-day Russia

This post was authored by Warren Mercer and Vitor Ventura The threat landscape is changing. Organizations need to defend against an ever-evolving tranche of threat actors. For a long time, the lines that distinguish state-sponsored and crimeware groups were well-defined. We believe this is... Thi...

3.4AI score
Exploits0
Talos Blog
Talos Blog
added 2021/05/24 9:47 a.m.21 views

Vulnerability Spotlight: Multiple vulnerabilities in Trend Micro Home Network Security Station

Carl Hurd and Kelly Leuschner of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered multiple vulnerabilities in Trend Micro’s Home Network Security Station. The Home Network Security Station is a device that monitors and protects home... This is only t...

0.2AI score
Exploits0
Talos Blog
Talos Blog
added 2021/05/21 12:27 p.m.23 views

Threat Roundup for May 14 to May 21

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between May 14 and May 21. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...

1AI score
Exploits0
Talos Blog
Talos Blog
added 2021/05/21 7:3 a.m.19 views

Talos Takes Ep. #54: Incident response is just as much about the relationships as anything else

By Jon Munshaw. The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. Brad Garnett, Cisco Talos Incident Response's fearless leader, joins the show this week to expound more on his recent...

1.3AI score
Exploits0
Talos Blog
Talos Blog
added 2021/05/20 11:0 a.m.27 views

Threat Source newsletter (May 20, 2021)

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. We know a lot of you may be tired of "content" after RSA week. But we have some more for you! And specifically related to RSA, Cisco Talos Incident Response has new case studies out detailing a few recent engagements... This is on...

2.7AI score
Exploits0
Talos Blog
Talos Blog
added 2021/05/20 10:41 a.m.36 views

Vulnerability Spotlight: Heap-based buffer overflow in Google Chrome could lead to code execution

Marcin “Icewall” Noga of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered an exploitable heap-based buffer overflow vulnerability in Google Chrome. Google Chrome is a cross-platform web browser — and Chromium is the open-source... This is only the...

2.4AI score
Exploits0
Talos Blog
Talos Blog
added 2021/05/19 11:54 a.m.21 views

Vulnerability Spotlight: Information disclosure vulnerability in macOS SMB server

Aleksandar Nikolic of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered an exploitable integer overflow vulnerability in Apple macOS’ SMB server that could lead to information disclosure. Server Message Block SMB is a network... This is only the...

1.2AI score
Exploits0
Talos Blog
Talos Blog
added 2021/05/19 6:51 a.m.23 views

Talos is hiring for several positions — Join our world-class security organization

Cisco Talos continues to build an elite threat intelligence and research group, and we are looking for driven, innovative and diverse security enthusiasts to join us. We are currently hiring for several positions, including multiple security engineer roles and a senior vulnerability... This is on...

1.4AI score
Exploits0
Talos Blog
Talos Blog
added 2021/05/18 8:6 a.m.27 views

Beers with Talos Ep. #104: Supply chain has Matt hopping mad like a kangaroo

Beers with Talos BWT Podcast episode No. 104 is now available. Download this episode and subscribe to Beers with Talos:Apple Podcasts Google PodcastsSpotify StitcherIf iTunes and Google Play aren't your thing, click here. By Mitch Neff. Recorded March 30,... This is only the beginning! Please vis...

0.8AI score
Exploits0
Talos Blog
Talos Blog
added 2021/05/17 5:0 a.m.38 views

Case Study: Incident Response is a relationship-driven business

Proof that incident response is "the ultimate team sport" By Brad Garnett. Introduction As a seasoned incident responder, and now IR business leader here at Cisco Talos Incident Response CTIR, I have always said that incident response is the ultimate team sport. People are... This is only the...

1.5AI score
Exploits0
Talos Blog
Talos Blog
added 2021/05/14 2:12 p.m.19 views

Threat Roundup for May 7 to May 14

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between May 7 and May 14. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...

1AI score
Exploits0
Talos Blog
Talos Blog
added 2021/05/14 5:26 a.m.36 views

Talos Takes Ep. #53: The broader lesson of those air fryer vulnerabilities

By Jon Munshaw. The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. It seemed like everyone on security Twitter had a joke when we disclosed a vulnerability in a WiFi-connected air fryer...

1.4AI score
Exploits0
Talos Blog
Talos Blog
added 2021/05/13 11:0 a.m.44 views

Threat Source Newsletter (May 13, 2021)

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. In case you missed the Friday news drop last week, we have an update on the Lemon Duck cryptocurrency miner. It's not as eye-catching as the ransomware attacks that make the news, but Lemon Duck's... This is only the beginning!...

2.4AI score
Exploits0
Talos Blog
Talos Blog
added 2021/05/13 5:9 a.m.39 views

Transparent Tribe APT expands its Windows malware arsenal

By Asheer Malhotra, Justin Thattil and Kendall McKay. Transparent Tribe, also known as APT36 and Mythic Leopard, continues to create fake domains mimicking legitimate military and defense organizations as a core component of their operations. Cisco Talos' previous research has mainly linked this...

2.7AI score
Exploits0
Talos Blog
Talos Blog
added 2021/05/12 11:3 a.m.48 views

Vulnerability Spotlight: Code execution vulnerability in Adobe Acrobat Reader

Aleksandar Nikolic of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered an arbitrary code execution vulnerability in Adobe Acrobat Reader. Adobe Acrobat Reader is one of the most popular and feature-rich PDF readers on the market.... This is only the...

2.7AI score
Exploits0
Talos Blog
Talos Blog
added 2021/05/11 12:3 p.m.33 views

Microsoft Patch Tuesday for May 2021 — Snort rules and prominent vulnerabilities

By Jon Munshaw, with contributions from Chris Neal. Microsoft released its monthly security update Tuesday, disclosing 55 vulnerabilities across its suite of products, the fewest in any month since January 2020. There are only three critical vulnerabilities patched in this month, while... This is...

1.8AI score
Exploits0
Talos Blog
Talos Blog
added 2021/05/07 12:54 p.m.13 views

Lemon Duck spreads its wings: Actors target Microsoft Exchange servers, incorporate new TTPs

By Caitlin Huey and Andrew Windsor with contributions from Edmund Brumaghin. Lemon Duck continues to refine and improve upon their tactics, techniques and procedures as they attempt to maximize the effectiveness of their campaigns.Lemon Duck remains relevant as the operators begin to target... Th...

2.7AI score
Exploits0
Talos Blog
Talos Blog
added 2021/05/07 10:50 a.m.10 views

Threat Roundup for April 30 to May 7

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between April 30 and May 7. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral...

1AI score
Exploits0
Talos Blog
Talos Blog
added 2021/05/07 7:5 a.m.23 views

Talos Takes Ep. #52: Celebrating World Password Day by talking about getting rid of passwords

By Jon Munshaw. The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. The internet celebrated World Password Day on Thursday. To celebrate, we had Dave Lewis on the latest episode of Talos...

0.9AI score
Exploits0
Talos Blog
Talos Blog
added 2021/05/06 11:0 a.m.9 views

Threat Source Newsletter (May 6, 2021)

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. COVID-19 has changed everything about our lives — no surprise there. So it also shouldn't be shocking that it's changing the way Americans view Tax Day this year. The deadline to file taxes is about a month later... This is only t...

4.3AI score
Exploits0
Talos Blog
Talos Blog
added 2021/05/06 8:12 a.m.18 views

Vulnerability Spotlight: Use-after-free vulnerability in Foxit PDF Reader

Aleksandar Nikolic of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered a use-after-free vulnerability in the Foxit PDF Reader. Foxit PDF Reader is one of the most popular PDF document readers currently available. As a complete... This is only the...

2AI score
Exploits0
Talos Blog
Talos Blog
added 2021/04/30 12:10 p.m.20 views

Threat Roundup for April 23 to April 30

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between April 23 and April 30. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral... This is on...

1.2AI score
Exploits0
Talos Blog
Talos Blog
added 2021/04/30 7:0 a.m.33 views

Talos Takes Ep. #51: COVID and Tax Day have perfectly aligned for spammers

By Jon Munshaw. The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. We see tax scams every year — people offering to do your taxes for you, finding a larger return, etc. But this... This is...

1.6AI score
Exploits0
Talos Blog
Talos Blog
added 2021/04/29 11:0 a.m.29 views

Threat Source Newsletter (April 29, 2021)

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. Ransomware is not just financial extortion. It is crime that transcends business, academic and geographic boundaries. Talos was proud to assist with a newly released report from the international Ransomware Task... This is only th...

3.2AI score
Exploits0
Talos Blog
Talos Blog
added 2021/04/27 7:17 a.m.46 views

Vulnerability Spotlight: Information disclosure vulnerability in the Linux Kernel

Lilith and Claudio Bozzato of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered an information disclosure vulnerability in the Linux Kernel. The Linux Kernel is the free and open-source core of Unix-like operating systems.... This is only the beginnin...

1.4AI score
Exploits0
Talos Blog
Talos Blog
added 2021/04/23 11:51 a.m.42 views

Threat Roundup for April 16 to April 23

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between April 16 and April 23. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral... This is on...

1.2AI score
Exploits0
Talos Blog
Talos Blog
added 2021/04/23 6:59 a.m.52 views

Talos Takes Ep. #50: Just like us, attackers are using Slack and Discord now more than ever

By Jon Munshaw. The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. With more workers than ever going remote due to the COVID-19 pandemic, the popularity of collaboration apps like... This i...

1.9AI score
Exploits0
Talos Blog
Talos Blog
added 2021/04/22 11:0 a.m.31 views

Threat Source Newsletter (April 22, 2021)

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. We went viral this week! Everyone seemed to love to joke about these vulnerabilities we discovered in a WiFi-connected air fryer. An attacker, if they had physical access to the device, could exploit these... This is only the...

3.5AI score
Exploits0
Talos Blog
Talos Blog
added 2021/04/22 10:29 a.m.222 views

Threat Advisory: Pulse Secure Connect Coverage

Pulse Secure announced that a critical vulnerability CVE-2021-22893 was discovered in their VPN service "Pulse Secure Connect" in a recent security advisory. The advisory states that, "a vulnerability was discovered under Pulse Connect Secure PCS. This includes an authentication by-pass... This i...

7.5CVSS2.6AI score0.47172EPSS
Exploits9
Talos Blog
Talos Blog
added 2021/04/22 6:54 a.m.59 views

A year of Fajan evolution and Bloomberg themed campaigns

By Vanja Svajcer. News summarySome malware campaigns are designed to spread malware to as many people as possible — while some others carefully choose their targets. Cisco Talos recently discovered a malware campaign that does not fit in any of the two categories. This actor has a relatively low...

3AI score
Exploits0
Talos Blog
Talos Blog
added 2021/04/22 5:17 a.m.34 views

Beers with Talos Ep. #103: ICS/SCADA Security — The permanence and people problems

Beers with Talos BWT Podcast episode No. 103 is now available. Download this episode and subscribe to Beers with Talos:Apple Podcasts Google PodcastsSpotify StitcherIf iTunes and Google Play aren't your thing, click here. By Mitch Neff. Recorded March 2021 ICS and SCADA... This is only the...

1.9AI score
Exploits0
Talos Blog
Talos Blog
added 2021/04/21 10:0 a.m.32 views

Vulnerability Spotlight: Code execution vulnerabilities in PrusaSlicer

Lilith of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered two out-of-bounds write vulnerabilities in Prusa Research’s PrusaSlicer. Prusa Slicer is an open-source 3-D printer slicing program forked off Slic3r that can convert various 3-D... This i...

1.9AI score
Exploits0
Talos Blog
Talos Blog
added 2021/04/20 9:10 a.m.31 views

Vulnerability Spotlight: Multiple vulnerabilities in Synology DiskStation Manager

Claudio Bozzato of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered multiple vulnerabilities in Synology DiskStation Manager. DSM is the Linux-based operating system for every Synology network-attached storage device NAS. The... This is only the...

1.6AI score
Exploits0
Talos Blog
Talos Blog
added 2021/04/19 11:18 a.m.43 views

Threat Advisory: NSA SVR Advisory Coverage

The U.S. National Security Agency released an advisory outlining several vulnerabilities that the Russian Foreign Intelligence Services SVR is exploiting in the wild. The U.S. formally attributed the recent SolarWinds supply chain attack to the SVR group in this advisory and detailed more of the...

2.8AI score
Exploits0
Talos Blog
Talos Blog
added 2021/04/19 8:6 a.m.24 views

Vulnerability Spotlight: Remote code execution vulnerabilities in Cosori smart air fryer

Dave McDaniel of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered two code execution vulnerabilities in the Cosori smart air fryer. The Cosori Smart Air Fryer is a WiFi-enabled kitchen appliance that cooks food with a variety of... This is only the...

1.5AI score
Exploits0
Talos Blog
Talos Blog
added 2021/04/16 12:52 p.m.24 views

Threat Roundup for April 9 to April 16

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between April 9 and April 16. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral...

1.1AI score
Exploits0
Talos Blog
Talos Blog
added 2021/04/16 7:53 a.m.40 views

Talos Takes Ep. #49: LodaRAT keeps growing....and growing

By Jon Munshaw. The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. Chris Neal from Talos Outreach has followed LodaRAT for years now. It’s gone from a fairly small threat to a full-on... Th...

2AI score
Exploits0
Talos Blog
Talos Blog
added 2021/04/15 11:0 a.m.38 views

Threat Source Newsletter (April 15, 2021)

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. If you missed our webinar last week, we've got you covered. We've uploaded an extended version to our YouTube page that includes the scripts used in the presentation. This video will show you how to reverse-engineer and... This is...

2.8AI score
Exploits0
Talos Blog
Talos Blog
added 2021/04/14 6:59 a.m.30 views

Vulnerability Spotlight: Multiple remote code execution vulnerabilities in Microsoft Azure Sphere

Claudio Bozzato and Lilith of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos researchers recently discovered multiple vulnerabilities in Microsoft’s Azure Sphere, a cloud-connected and custom SoC platform designed specifically with IoT application security... This ...

1.2AI score
Exploits0
Total number of security vulnerabilities2032