Category: Cisco Talos Blog

WarmCookie is a malware family that emerged in April 2024 and has been distributed via regularly conducted malspam and malvertising campaigns. This article has been indexed from Cisco Talos Blog Read the original article: Threat Spotlight: WarmCookie/BadSpace

Read more →

Cisco Talos recently discovered a phishing campaign using an open-source phishing toolkit called Gophish by an unknown threat actor. This article has been indexed from Cisco Talos Blog Read the original article: Threat actor abuses Gophish to deliver new PowerRAT…

Read more →

As the Akira ransomware group continues to evolve its operations, Talos has the latest research on the group’s attack chain, targeted verticals, and potential future TTPs. This article has been indexed from Cisco Talos Blog Read the original article: Akira…

Read more →

Plus, a zero-day vulnerability in Qualcomm chips, exposed health care devices, and the latest on the Salt Typhoon threat actor. This article has been indexed from Cisco Talos Blog Read the original article: What I’ve learned in my first 7-ish…

Read more →

By Dmytro Korzhevin, Asheer Malhotra, Vanja Svajcer and Vitor Ventura.  Cisco Talos has observed a new wave of attacks active since at least late 2023, from a Russian speaking group we track as “UAT-5647”, against Ukrainian government entities and unknown…

Read more →

Go behind the scenes with Talos incident responders and learn from what we’ve seen in the field. This article has been indexed from Cisco Talos Blog Read the original article: Protecting major events: An incident response blueprint

Read more →

Rather than setting a regular cadence for changing passwords, users only need to change their passwords if there is evidence of a breach. This article has been indexed from Cisco Talos Blog Read the original article: What NIST’s latest password…

Read more →

Cisco Talos is releasing a GDT file on GitHub that contains various definitions for functions and data types. This article has been indexed from Cisco Talos Blog Read the original article: Ghidra data type archive for Windows driver functions

Read more →

Talos also discovered three vulnerabilities in Veertu’s Anka Build, a suite of software designed to test macOS or iOS applications in CI/CD environments. This article has been indexed from Cisco Talos Blog Read the original article: Vulnerability in popular PDF…

Read more →

The two vulnerabilities that Microsoft reports have been actively exploited in the wild and are publicly known are both rated as only being of “moderate” severity. This article has been indexed from Cisco Talos Blog Read the original article: Largest…

Read more →

Despite what lessons we thought we learned from Colonial Pipeline, none of those lessons have been able to be put into practice. This article has been indexed from Cisco Talos Blog Read the original article: CISA is warning us (again)…

Read more →

Cisco Talos has discovered a financially motivated threat actor, active since 2022, recently observed delivering a MedusaLocker ransomware variant.  Intelligence collected by Talos on tools regularly employed by the threat actor allows us to see an estimate of the amount…

Read more →

It shouldn’t just be viewed as a cybersecurity issue, because for a hardware supply chain attack, an adversary would likely need to physically infiltrate or tamper with the manufacturing process. This article has been indexed from Cisco Talos Blog Read…

Read more →

Many spammers have elected to attack web pages and mail servers of legitimate organizations, so they may use these “pirated” resources to send unsolicited email. This article has been indexed from Cisco Talos Blog Read the original article: Simple Mail…

Read more →

Talos researchers have disclosed three vulnerabilities in OpenPLC, a popular open-source programmable logic controller. This article has been indexed from Cisco Talos Blog Read the original article: Talos discovers denial-of-service vulnerability in Microsoft Audio Bus; Potential remote code execution in…

Read more →

This year, Congress only allocated $55 million in federal grant dollars to states for security and other election improvements. This article has been indexed from Cisco Talos Blog Read the original article: Talk of election security is good, but we…

Read more →

A June report from CyberSeek found that there are only enough skilled workers to fill 85 percent of cybersecurity jobs in America. This article has been indexed from Cisco Talos Blog Read the original article: We can try to bridge…

Read more →

CVE-2024-38257 is considered “less likely” to be exploited, though it does not require any user interaction or user privileges. This article has been indexed from Cisco Talos Blog Read the original article: Vulnerability in Acrobat Reader could lead to remote…

Read more →

September’s monthly round of patches from Microsoft included 79 vulnerabilities, seven of which are considered critical. This article has been indexed from Cisco Talos Blog Read the original article: Four zero-days included in group of 79 vulnerabilities Microsoft discloses, including…

Read more →

Talos’ Nick Biasini discusses the biggest shifts and trends in the threat landscape so far. We also focus on one state sponsored actor that has been particularly active this year, and talk about why defenders need to be paying closer…

Read more →