Category: Cisco Talos Blog

Cisco Talos’ Vulnerability Research team recently disclosed three out-of-bounds read vulnerabilities in Adobe Acrobat Reader, and two use-after-free vulnerabilities in Foxit Reader.   These vulnerabilities exist in Adobe Acrobat Reader and Foxit Reader, two of the most popular and feature-rich PDF…

Read more →

In the last newsletter of the year, Thorsten recalls his tech-savvy gift to his family and how we can all incorporate cybersecurity protections this holiday season. This article has been indexed from Cisco Talos Blog Read the original article: Welcome…

Read more →

This post is the result of research into the real-world application of the Bring Your Own Vulnerable Driver (BYOVD) technique along with Cisco Talos’ series of posts about  malicious Windows drivers. This article has been indexed from Cisco Talos Blog…

Read more →

Its mid-December, if you’re on-call or working to defend networks, this newsletter is for you. Martin discusses the widening gap between threat and defences as well as the growing problem of home devices being recruited to act as proxy servers…

Read more →

Proxy and anonymization networks have been dominating the headlines, this piece discusses its origins and evolution on the threat landscape with specific focus on state sponsored abuse. This article has been indexed from Cisco Talos Blog Read the original article:…

Read more →

The Patch Tuesday for December of 2024 includes 72 vulnerabilities, including four that Microsoft marked as “critical.” The remaining vulnerabilities listed are classified as “important.” This article has been indexed from Cisco Talos Blog Read the original article: Microsoft Patch…

Read more →

Cisco Talos' Vulnerability Research team recently discovered two vulnerabilities in MC Technologies LR Router and three vulnerabilities in the GoCast service.  These vulnerabilities have not been patched at time of this posting.  For Snort coverage that can detect the exploitation…

Read more →

Ever wonder what an extroverted strategy security nerd does? Wonder no longer! This week, Joe pontificates on his journey at Talos, and then is inspired by the people he gets to meet and help. This article has been indexed from…

Read more →

Cisco Talos discovered a new information stealing campaign operated by a Vietnamese-speaking threat actor targeting government and education entities in Europe and Asia. This article has been indexed from Cisco Talos Blog Read the original article: New PXA Stealer targets…

Read more →

The Patch Tuesday for November of 2024 includes 91 vulnerabilities, including two that Microsoft marked as “critical.” The remaining 89 vulnerabilities listed are classified as “important.” This article has been indexed from Cisco Talos Blog Read the original article: November…

Read more →

Cisco Talos Incident Response (Talos IR) recently observed an attacker conducting big-game hunting and double extortion attacks using the relatively new Interlock ransomware. This article has been indexed from Cisco Talos Blog Read the original article: Unwrapping the emerging Interlock…

Read more →

Cisco Talos' Vulnerability Research team recently discovered five Nvidia out-of-bounds access vulnerabilities in shader processing, as well as eleven LevelOne router vulnerabilities spanning a range of possible exploits. For Snort coverage that can detect the exploitation of these vulnerabilities, download…

Read more →

Cisco Talos has observed an unknown threat actor conducting a phishing campaign targeting Facebook business and advertising account users in Taiwan.  The decoy email and fake PDF filenames are designed to impersonate a company's legal department, attempting to lure the…

Read more →

This blog will demonstrate the practice and methodology of reversing BugSleep’s protocol, writing a functional C2 server, and detecting this traffic with Snort. This article has been indexed from Cisco Talos Blog Read the original article: Writing a BugSleep C2…

Read more →

Can LLM tools actually help defenders in the cybersecurity industry write more effective detection content? Read the full research This article has been indexed from Cisco Talos Blog Read the original article: How LLMs could help defenders write better and faster…

Read more →

Credential theft was the main goal in 25% of incidents last quarter, and new ransomware variants made their appearance – read more about the top trends, TTPs, and security weaknesses that facilitated adversary actions. This article has been indexed from…

Read more →

TA866 (also known as Asylum Ambuscade) is a threat actor that has been conducting intrusion operations since at least 2020. This article has been indexed from Cisco Talos Blog Read the original article: Highlighting TA866/Asylum Ambuscade Activity Since 2021

Read more →

WarmCookie is a malware family that emerged in April 2024 and has been distributed via regularly conducted malspam and malvertising campaigns. This article has been indexed from Cisco Talos Blog Read the original article: Threat Spotlight: WarmCookie/BadSpace

Read more →

Cisco Talos recently discovered a phishing campaign using an open-source phishing toolkit called Gophish by an unknown threat actor. This article has been indexed from Cisco Talos Blog Read the original article: Threat actor abuses Gophish to deliver new PowerRAT…

Read more →

As the Akira ransomware group continues to evolve its operations, Talos has the latest research on the group’s attack chain, targeted verticals, and potential future TTPs. This article has been indexed from Cisco Talos Blog Read the original article: Akira…

Read more →