Lucene search
K
TalosblogRecent

2033 matches found

Talos Blog
Talos Blog
added 2019/04/16 11:45 a.m.741 views

New HawkEye Reborn Variant Emerges Following Ownership Change

Edmund Brumaghin and Holger Unterbrink authored this blog post. Executive summary Malware designed to steal sensitive information has been a threat to organizations around the world for a long time. The emergence of the greyware market and the increased commercialization of keyloggers, stealers,...

9.3CVSS8.7AI score0.99945EPSS
Exploits33
Talos Blog
Talos Blog
added 2019/04/15 8:47 a.m.67 views

Vulnerability Spotlight: Denial of service in VMWare Workstation 15

Piotr Bania of Cisco Talos discovered this vulnerability. Executive summary VMware Workstation 15 contains an exploitable denial-of-service vulnerability. Workstation allows users to run multiple operating systems on a Linux or Windows PC. An attacker could trigger this particular vulnerability...

5.8CVSS6.5AI score0.01666EPSS
Exploits0
Talos Blog
Talos Blog
added 2019/04/15 7:37 a.m.76 views

Vulnerability Spotlight: Multiple vulnerabilities in Shimo VPN's helper tool

Discovered by Tyler Bohan of Cisco Talos. Overview Cisco Talos is disclosing a series of vulnerabilities found in the Shimo VPN Helper Tool. Shimo VPN is a popular VPN client for MacOS that can be used to connect multiple VPN accounts to one application. These specific vulnerabilities were found ...

7.2CVSS1.3AI score0.0068EPSS
Exploits6
Talos Blog
Talos Blog
added 2019/04/12 10:56 a.m.160 views

Threat Roundup for April 5 to April 12

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between April 05 and April 12. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral...

0.1AI score
Exploits0
Talos Blog
Talos Blog
added 2019/04/11 11:20 a.m.79 views

Sextortion profits decline despite higher volume, new techniques

Post authored by Nick Biasini and Jaeson Schultz. Sextortion spammers continue blasting away at high volume. The success they experienced with several high-profile campaigns last year has led these attackers to continue transmitting massive amounts of sextortion email. These sextortion spammers...

7.5AI score
Exploits0
Talos Blog
Talos Blog
added 2019/04/11 11:0 a.m.29 views

Threat Source (April 11)

Newsletter compiled by Jonathan Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. If you haven’t yet, there’s still time to register for this year’s Talos Threat Research Summit — our second annual conference by...

8.1AI score
Exploits0
Talos Blog
Talos Blog
added 2019/04/10 6:48 a.m.52 views

Vulnerability Spotlight: Adobe Acrobat Reader remote code execution

Aleksandar Nikolic of Cisco Talos discovered these vulnerabilities. Executive summary There is a remote code execution vulnerability in Adobe Acrobat Reader that could occur if a user were to open a malicious PDF on their machine using the software. Acrobat is the most widely used PDF reader on t...

7.5CVSS9.8AI score0.13541EPSS
Exploits0
Talos Blog
Talos Blog
added 2019/04/10 6:32 a.m.109 views

Gustuff banking botnet targets Australia

Vitor Ventura authored this post. Executive summary Cisco Talos has uncovered a new Android-based campaign targeting Australian financial institutions. As the investigation progressed, Talos came to understand that this campaign was associated with the "ChristinaMorrow" text message spam scam...

Exploits0
Talos Blog
Talos Blog
added 2019/04/09 11:10 a.m.83 views

Microsoft Patch Tuesday — April 2019: Vulnerability disclosures and Snort coverage

Microsoft released its monthly security update today, disclosing a variety of vulnerabilities in several of its products. The latest Patch Tuesday covers 74 vulnerabilities, 16 of which are rated “critical” and 58 that are considered “important.” This release also includes a critical advisory...

9.3CVSS1AI score0.81551EPSS
Exploits67
Talos Blog
Talos Blog
added 2019/04/05 10:38 a.m.56 views

Beers with Talos Ep. #50: Operating under the cover of… nothing

Beers with Talos BWT Podcast Ep. No. 50 is now available. Download this episode and subscribe to Beers with Talos: If iTunes and Google Play aren't your thing, click here. Recorded March 29, 2019 - Matt and Joel are both on the road this week, and Omar Santos from Cisco PSIRT joins the crew to...

7.2AI score
Exploits0
Talos Blog
Talos Blog
added 2019/04/05 10:10 a.m.163 views

Threat Roundup for March 29 to April 5

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between March 29 and April 05. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral...

Exploits0
Talos Blog
Talos Blog
added 2019/04/05 9:1 a.m.139 views

Hiding in Plain Sight

This blog was written by Jon Munshaw and Jaeson Schultz. Cisco Talos is continually working to ensure that our threat intelligence not only accounts for the latest threats but also new versions of old threats, such as spam. This often means pursuing cybercriminals wherever they congregate. Howeve...

6.7AI score
Exploits0
Talos Blog
Talos Blog
added 2019/03/29 2:3 p.m.48 views

Registration for the 2019 Talos Threat Research Summit is now open

The Talos Threat Research Summit is officially back. Registration is open now for the second year of our conference by defenders, for defenders. Tickets sold out quickly last year for our inaugural event, so act quickly. This year’s Research Summit will take place on June 9 in San Diego, Calif. —...

1.3AI score
Exploits0
Talos Blog
Talos Blog
added 2019/03/29 10:4 a.m.63 views

Threat Roundup for March 22 to March 29

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between March 22 and March 29. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral...

0.3AI score
Exploits0
Talos Blog
Talos Blog
added 2019/03/28 2:0 p.m.50 views

Cyber Security Week in Review (March 28)

Welcome to this week's Cyber Security Week in Review, where Cisco Talos runs down all of the news we think you need to know in the security world. Top headlines this week ASUS had to release an emergency fix for a malware that may have accidentally deployed to their machines. Attackers may have...

0.1AI score
Exploits0
Talos Blog
Talos Blog
added 2019/03/26 7:59 a.m.95 views

Vulnerability Spotlight: Multiple vulnerabilities in GOG Galaxy Games

Richard Johnson and Tyler Bohan of Cisco Talos discovered these vulnerabilities. Executive summary The GOG Galaxy video game launcher contains multiple vulnerabilities that could allow a malicious actor to carry out a variety of attacks. GOG Galaxy Games is a video game storefront that allows use...

7.2CVSS1.3AI score0.00598EPSS
Exploits1
Talos Blog
Talos Blog
added 2019/03/25 6:0 a.m.48 views

Cisco Talos adds new Content Category

Our goal at Cisco Talos is to provide detailed and actionable information in order to let customers decide how best to protect their networks and users based on their needs. To this end, Cisco Talos is adding a new content category to Talos Intelligence. Starting on April 3, supported Cisco...

2.3AI score
Exploits0
Talos Blog
Talos Blog
added 2019/03/22 11:27 a.m.55 views

Threat Roundup for March 15 to March 22

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between March 15 and March 22. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral...

0.5AI score
Exploits0
Talos Blog
Talos Blog
added 2019/03/22 6:37 a.m.57 views

Cyber Security Week in Review (March 22)

Welcome to this week's Cyber Security Week in Review, where Cisco Talos runs down all of the news we think you need to know in the security world. For more news delivered to your inbox every week, sign up for our Threat Source newsletter here. Top headlines this week Norwegian aluminum company...

0.4AI score
Exploits0
Talos Blog
Talos Blog
added 2019/03/20 11:8 a.m.102 views

Ransomware or Wiper? LockerGoga Straddles the Line

Executive Summary Ransomware attacks have been in the news with increased frequency over the past few years. This type of malware can be extremely disruptive and even cause operational impacts in critical systems that may be infected. LockerGoga is yet another example of this sort of malware. It ...

1.3AI score
Exploits0
Talos Blog
Talos Blog
added 2019/03/20 8:8 a.m.28 views

Beers with Talos Ep. #49: POS Malware, RSA Highlights, and SOL OpSec Fails

Beers with Talos BWT Podcast Ep. 49 is now available. Download this episode and subscribe to Beers with Talos: If iTunes and Google Play aren't your thing, click here. Recorded March 15, 2019. We recorded this after coming back from RSA, with some on-location highlights included. This episode ope...

0.1AI score
Exploits0
Talos Blog
Talos Blog
added 2019/03/19 8:0 a.m.170 views

Vulnerability Spotlight: Multiple Vulnerabilities in CUJO Smart Firewall, Das U-Boot, OCTEON SDK, Webroot BrightCloud

Claudio Bozzato of Cisco Talos discovered these vulnerabilities. Executive summary CUJO AI produces the CUJO Smart Firewall, a device that provides protection to home networks against a myriad of threats such as malware, phishing websites and hacking attempts. Cisco Talos recently discovered 11...

9.3CVSS1AI score0.02669EPSS
Exploits10
Talos Blog
Talos Blog
added 2019/03/18 9:44 a.m.120 views

IPv6 unmasking via UPnP

Martin Zeiser and Aleksandar Nikolich authored this post. Executive summary With tools such as ZMap and Masscan and general higher bandwidth availability, exhaustive internet-wide scans of full IPv4 address space have become the norm after it was once impractical. Projects like Shodan and Scans.i...

6.7AI score
Exploits0
Talos Blog
Talos Blog
added 2019/03/15 1:41 p.m.101 views

Threat Roundup for March 8 to March 15

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between March 08 and March 15. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral...

0.6AI score
Exploits0
Talos Blog
Talos Blog
added 2019/03/15 5:59 a.m.40 views

Cyber Security Week in Review (March 15)

Welcome to this week's Cyber Security Week in Review, where Cisco Talos runs down all of the news we think you need to know in the security world. For more news delivered to your inbox every week, sign up for our Threat Source newsletter here. Top headlines this week The U.S. warned Germany that...

Exploits0
Talos Blog
Talos Blog
added 2019/03/13 7:52 a.m.177 views

GlitchPOS: New PoS malware for sale

Warren Mercer and Paul Rascagneres authored this post with contributions from Ben Baker. Executive summary Point-of-sale malware is popular among attackers, as it usually leads to them obtaining credit card numbers and immediately use that information for financial gain. This type of malware is...

0.8AI score
Exploits0
Talos Blog
Talos Blog
added 2019/03/12 11:0 a.m.108 views

Microsoft Patch Tuesday — March 2019: Vulnerability disclosures and Snort coverage

Microsoft released its monthly security update today, disclosing a variety of vulnerabilities in several of its products. The latest Patch Tuesday covers 64 vulnerabilities, 17 of which are rated “critical,” 45 that are considered “important” and one “moderate” and “low” vulnerability each. This...

9.3CVSS0.7AI score0.6285EPSS
Exploits18
Talos Blog
Talos Blog
added 2019/03/12 7:24 a.m.42 views

Vulnerability Spotlight: Privilege escalation bug in CleanMyMac X's helper service

Tyler Bohan of Cisco Talos discovered this vulnerability. Executive summary CleanMyMac X contains a privilege escalation vulnerability in its helper service due to improper updating. The application fails to remove the vulnerable components upon upgrading to the latest version, leaving the user...

6.6CVSS1.4AI score0.00398EPSS
Exploits0
Talos Blog
Talos Blog
added 2019/03/08 1:0 p.m.32 views

The sights and sounds of Cisco Talos at RSA 2019

An estimated 45,000 people attended this year’s RSA Conference in San Francisco to hear talks from some of the greatest minds in security. As always, Cisco and Talos had a massive presence at the conference, topping off the week with a keynote address featuring Matt Watchinski, the vice president...

0.6AI score
Exploits0
Talos Blog
Talos Blog
added 2019/03/08 9:2 a.m.51 views

Threat Roundup for Mar. 1 to Mar. 8

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between March 1 8. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics, indicato...

6.8AI score
Exploits0
Talos Blog
Talos Blog
added 2019/03/08 6:55 a.m.46 views

Cyber Security Week in Review (March 8)

Welcome to this week's Cyber Security Week in Review, where Cisco Talos runs down all of the news we think you need to know in the security world. For more news delivered to your inbox every week, sign up for our Threat Source newsletter here. Top headlines this week Chinese tech company Huawei i...

Exploits0
Talos Blog
Talos Blog
added 2019/03/07 6:14 a.m.77 views

Vulnerability Spotlight: Multiple local vulnerabilities in Pixar Renderman

Tyler Bohan of Cisco Talos discovered these vulnerabilities. Executive summary The MacOS version of Pixar Renderman contains three local vulnerabilities in its install helper tool. An attacker could exploit these bugs to escalate their privileges to root. Renderman is a rendering application used...

7.2CVSS1.5AI score0.00881EPSS
Exploits3
Talos Blog
Talos Blog
added 2019/03/05 12:11 p.m.36 views

Cisco, Talos tout importance of IoT security at RSA keynote

--- Matt Watchinski, the vice president of Cisco Talos, delivers a keynote address at the RSA Conference in San Francisco on Tuesday. By Jonathan Munshaw of Cisco Talos and Liza Meak of The Network, Cisco’s technology news site. By 2020, Gartner predicts 20 billion connected devices will be onlin...

0.4AI score
Exploits0
Talos Blog
Talos Blog
added 2019/03/05 5:33 a.m.51 views

Beers with Talos Ep. #48: Loaders or trojans, plus an RSA preview

Beers with Talos BWT Podcast Ep. 48 is now available. Download this episode and subscribe to Beers with Talos: If iTunes and Google Play aren't your thing, click here. March 1, 2019 - This is a super short episode. We are trying to get it out in time for RSA and Matt is MIA today. We are covering...

0.7AI score
Exploits0
Talos Blog
Talos Blog
added 2019/03/01 9:16 a.m.55 views

Threat Roundup for Feb. 22 to March 1

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Feb. 22 and March 01. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristic...

0.4AI score
Exploits0
Talos Blog
Talos Blog
added 2019/03/01 6:55 a.m.59 views

Cyber Security Week in Review (March 1)

Welcome to this week's Cyber Security Week in Review, where Cisco Talos runs down all of the news we think you need to know in the security world. For more news delivered to your inbox every week, sign up for our Threat Source newsletter here. Top headlines this week Drupal patched a “highly...

0.4AI score
Exploits0
Talos Blog
Talos Blog
added 2019/02/28 7:22 a.m.26 views

Vulnerability Spotlight: Remote code execution vulnerability in Antenna House Rainbow PDF Office Server Document Converter

Emmanuel Tacheau of Cisco Talos discovered this vulnerability. Executive summary Antenna House Rainbow PDF Office Server Document Converter contains a heap overflow vulnerability that could allow an attacker to remotely execute code on the victim machine. Rainbow PDF is a software solution that...

7.5CVSS1.5AI score0.02301EPSS
Exploits1
Talos Blog
Talos Blog
added 2019/02/26 10:56 a.m.1200 views

Cisco Talos Honeypot Analysis Reveals Rise in Attacks on Elasticsearch Clusters

Christopher Evans of Cisco Talos conducted the research for this post. Executive Summary Cisco Talos warns users that they need to keep a close eye on unsecured Elasticsearch clusters. We have recently observed a spike in attacks from multiple threat actors targeting these clusters. These attacke...

7.5CVSS0.2AI score0.99993EPSS
Exploits129
Talos Blog
Talos Blog
added 2019/02/26 5:31 a.m.83 views

Beers with Talos Ep. #47: Privacy, Underwear, and Arias

Beers with Talos BWT Podcast Ep. 47 is now available. Download this episode and subscribe to Beers with Talos: If iTunes and Google Play aren't your thing, click here. Ep. 47 show notes: Recorded Feb. 15, 2019 We are joined by special guest Michelle Dennedy, a vice president and the chief privacy...

0.5AI score
Exploits0
Talos Blog
Talos Blog
added 2019/02/22 11:32 a.m.58 views

Threat Roundup for Feb. 15 to Feb. 22

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Feb. 15 and Feb. 22. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics...

0.3AI score
Exploits0
Talos Blog
Talos Blog
added 2019/02/22 6:55 a.m.68 views

Cyber Security Week in Review (Feb. 22)

Welcome to this week's Cyber Security Week in Review, where Cisco Talos runs down all of the news we think you need to know in the security world. For more news delivered to your inbox every week, sign up for our Threat Source newsletter here. Top headlines this week U.S. officials charged a form...

0.8AI score
Exploits0
Talos Blog
Talos Blog
added 2019/02/21 7:27 a.m.125 views

Vulnerability Spotlight: Multiple vulnerabilities in GOG Galaxy Games

Richard Johnson and Tyler Bohan of Cisco Talos discovered these vulnerabilities. Executive summary The GOG Galaxy video game launcher contains multiple vulnerabilities that could allow a malicious actor to carry out a variety of attacks. GOG Galaxy Games is a video game storefront that allows use...

1.3AI score0.00598EPSS
Exploits1
Talos Blog
Talos Blog
added 2019/02/20 8:27 a.m.125 views

Combing Through Brushaloader Amid Massive Detection Uptick

Nick Biasini and Edmund Brumaghin authored this blog post with contributions from Matthew Molyett. Executive Summary Over the past several months, Cisco Talos has been monitoring various malware distribution campaigns leveraging the malware loader Brushaloader to deliver malware payloads to...

6.7AI score
Exploits0
Talos Blog
Talos Blog
added 2019/02/18 9:29 a.m.47 views

JavaScript bridge makes malware analysis with WinDbg easier

Introduction As malware researchers, we spend several days a week debugging malware in order to learn more about it. We have several powerful and popular user mode tools to choose from, such as OllyDbg, x64dbg, IDA Pro and Immunity Debugger. All these debuggers utilize some scripting language to...

6.7AI score
Exploits0
Talos Blog
Talos Blog
added 2019/02/15 3:3 p.m.65 views

Threat Roundup for Feb. 8 to Feb. 15

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Feb. 08 and Feb. 15. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics...

0.4AI score
Exploits0
Talos Blog
Talos Blog
added 2019/02/15 7:0 a.m.43 views

Cyber Security Week in Review (Feb. 15, 2019)

Welcome to this week's Cyber Security Week in Review, where Cisco Talos runs down all of the news we think you need to know in the security world. For more news delivered to your inbox every week, sign up for our Threat Source newsletter here. Top headlines this week Email provider VFEmail says i...

Exploits0
Talos Blog
Talos Blog
added 2019/02/14 10:31 a.m.43 views

Beers with Talos Ep. #46 - Privacy Pwnd: ExileRAT and Collecting Bad Karma

Beers with Talos BWT Podcast Ep. 46 is now available. Download this episode and subscribe to Beers with Talos: If iTunes and Google Play aren't your thing, click here. Ep. 46 show notes: Recorded Feb. 1, 2019 Today we discuss threats that bridge the gap between violating privacy and classic...

0.4AI score
Exploits0
Talos Blog
Talos Blog
added 2019/02/12 11:55 a.m.132 views

Microsoft Patch Tuesday — February 2019: Vulnerability disclosures and Snort coverage

Microsoft released its monthly security update today, disclosing a variety of vulnerabilities in several of its products. The latest Patch Tuesday covers 69 vulnerabilities, 20 of which are rated “critical,” 46 that are considered “important” and three that are “moderate.” This release also...

9.3CVSS0.8AI score0.99913EPSS
Exploits30
Talos Blog
Talos Blog
added 2019/02/12 9:26 a.m.28 views

Vulnerability Spotlight: Adobe Acrobat Reader DC text field remote code execution vulnerability

Aleksandar Nikolic of Cisco Talos discovered this vulnerability. Executive summary Adobe Acrobat Reader DC contains a vulnerability that could allow an attacker to remotely execute code on the victim’s machine. If the attacker tricks the user into opening a specially crafted PDF with specific...

7.7AI score
Exploits0
Talos Blog
Talos Blog
added 2019/02/11 8:2 a.m.109 views

What you can learn from Cisco Talos’ new oil pumpjack workshop

Paul Rascagneres wrote this blog post with contributions from Patrick DeSantis from Cisco Talos ARES Advanced Research/Embedded Systems. Executive summary Every day, more industrial control systems ICS become vulnerable to cyber attacks. As these massive, critical machines become more...

0.4AI score
Exploits0
Total number of security vulnerabilities2033