Category: Cisco Talos Blog

Cisco Talos is disclosing a new malware campaign called “Operation Celestial Force” running since at least 2018. It is still active today, employing the use of GravityRAT, an Android-based malware, along with a Windows-based malware loader we track as “HeavyLift.”…

Read more →

The lone critical security issue is a remote code execution vulnerability due to a use-after-free issue in the HTTP handling function of Microsoft Message Queuing. This article has been indexed from Cisco Talos Blog Read the original article: Only one…

Read more →

AI’s integration into search engines could change the way many of us interact with the internet. This article has been indexed from Cisco Talos Blog Read the original article: The sliding doors of misinformation that come with AI-generated search results

Read more →

This post was authored by Kalpesh Mantri.  Cisco Talos is actively tracking a recent increase in activity from malicious email campaigns containing a suspicious Microsoft Excel attachment that, when opened, infected the victim's system with the DarkGate malware.  These campaigns,…

Read more →

Since February 2024, Cisco Talos has been observing an active campaign targeting Brazilian users with a new banking trojan called “CarnavalHeist.” Many of the observed tactics, techniques and procedures (TTPs) are common among other banking trojans coming out of Brazil.…

Read more →

Drivers from New York to Georgia and Pennsylvania have received these types of texts with equally convincing phishing text messages and lure pages. This article has been indexed from Cisco Talos Blog Read the original article: Attackers are impersonating a…

Read more →

By Anna Bennett, Nicole Hoffman, Asheer Malhotra, Sean Taylor and Brandon White.  Cisco Talos is disclosing a new suspected data theft campaign, active since at least 2021, we attribute to an advanced persistent threat actor (APT) we’re calling “LilacSquid.”   LilacSquid’s…

Read more →

Acrobat, one of the most popular PDF readers currently available, contains two out-of-bounds read vulnerabilities that could lead to the exposure of sensitive contents of arbitrary memory in the application. This article has been indexed from Cisco Talos Blog Read…

Read more →

Generative AI applies to any site “whose primary purpose is to use artificial intelligence models to generate output in the form of text, audio, video or images based on user-supplied prompts.” This article has been indexed from Cisco Talos Blog…

Read more →

Since the advent of products like the Tile and Apple AirTag, both used to keep track of easily lost items like wallets, keys and purses, bad actors and criminals have found ways to abuse them.  These adversaries can range from…

Read more →

Cisco recently developed and released a new feature to detect brand impersonation in emails when adversaries pretend to be a legitimate corporation. This article has been indexed from Cisco Talos Blog Read the original article: From trust to trickery: Brand…

Read more →

Here’s a rundown of some things you may have missed if you weren’t able to stay on top of the things coming out of the conference. This article has been indexed from Cisco Talos Blog Read the original article: Rounding…

Read more →

Compared to fuzzing for software vulnerabilities on Linux, where most of the code is open-source, targeting anything on macOS presents a few difficulties. This article has been indexed from Cisco Talos Blog Read the original article: Talos releases new macOS…

Read more →

The lone critical security issue is CVE-2024-30044, a remote code execution vulnerability in SharePoint Server. This article has been indexed from Cisco Talos Blog Read the original article: Only one critical vulnerability included in May’s Microsoft Patch Tuesday; One other…

Read more →

Commercial spyware tools can threaten democratic values by enabling governments to conduct covert surveillance on citizens, undermining privacy rights and freedom of expression. This article has been indexed from Cisco Talos Blog Read the original article: Talos joins CISA to…

Read more →

Under a pilot program, CISA has sent out more than 2,000 alerts to registered organizations regarding the existence of any unpatched vulnerabilities in CISA’s KEV catalog. This article has been indexed from Cisco Talos Blog Read the original article: A…

Read more →

Two vulnerabilities in this group — one in the Tinyroxy HTTP proxy daemon and another in the stb_vorbis.c file library — could lead to arbitrary code execution, earning both issues a CVSS score of 9.8 out of 10. This article…

Read more →

There are some classics on this list — the ever-present “Password” password, Passw0rd (with a zero, not an “O”) and “123456.” This article has been indexed from Cisco Talos Blog Read the original article: What can we learn from the…

Read more →

Talos also recently helped to responsibly disclose and patch other vulnerabilities in the Foxit PDF Reader and two open-source libraries that support the processing and handling of DICOM files. This article has been indexed from Cisco Talos Blog Read the…

Read more →

With RSAC just a week away, Cisco Talos is gearing up for another year of heading to San Francisco to share in some of the latest major cybersecurity announcements, research and news. This article has been indexed from Cisco Talos…

Read more →