Tag: Cisco Talos Blog

Two vulnerabilities in this group — one in the Tinyroxy HTTP proxy daemon and another in the stb_vorbis.c file library — could lead to arbitrary code execution, earning both issues a CVSS score of 9.8 out of 10. This article…

Read more →

There are some classics on this list — the ever-present “Password” password, Passw0rd (with a zero, not an “O”) and “123456.” This article has been indexed from Cisco Talos Blog Read the original article: What can we learn from the…

Read more →

Talos also recently helped to responsibly disclose and patch other vulnerabilities in the Foxit PDF Reader and two open-source libraries that support the processing and handling of DICOM files. This article has been indexed from Cisco Talos Blog Read the…

Read more →

With RSAC just a week away, Cisco Talos is gearing up for another year of heading to San Francisco to share in some of the latest major cybersecurity announcements, research and news. This article has been indexed from Cisco Talos…

Read more →

Nutland says he goes into every engagement or new project with a completely open mind and a blank slate — using his background investigating terror operations to find out as much as he can about a particular adversary’s operation. This…

Read more →

Plus, new details emerge on the Scattered Spider cybercrime network and ArcaneDoor. This article has been indexed from Cisco Talos Blog Read the original article: The private sector probably isn’t coming to save the NVD

Read more →

Within BEC attacks, adversaries will send phishing emails appearing to be from a known or reputable source making a valid request, such as updating payroll direct deposit information. This article has been indexed from Cisco Talos Blog Read the original…

Read more →

ArcaneDoor is a campaign that is the latest example of state-sponsored actors targeting perimeter network devices from multiple vendors. Coveted by these actors, perimeter network devices are the perfect intrusion point for espionage-focused campaigns. This article has been indexed from…

Read more →

By Joey Chen, Chetan Raghuprasad and Alex Karkins.  Cisco Talos discovered a new ongoing campaign since at least February 2024, operated by a threat actor distributing three famous infostealer malware, including Cryptbot, LummaC2 and Rhadamanthys. Talos also discovered a new…

Read more →

Given the state of the NVD and vulnerability management, we felt it was worth looking at the current state of the NVD, how we got to this point, what it means for security teams, and where we go from here.…

Read more →

At most, someone who intentionally or repeatedly shares information on their social platform that’s misleading or downright false may have their account blocked, suspended or deleted. This article has been indexed from Cisco Talos Blog Read the original article: Could…

Read more →

During a threat-hunting exercise, Cisco Talos discovered documents with potentially confidential information originating from Ukraine. The documents contained malicious VBA code, indicating they may be used as lures to infect organizations. This article has been indexed from Cisco Talos Blog…

Read more →

Cisco Talos would like to acknowledge Brandon White of Cisco Talos and Phillip Schafer, Mike Moran, and Becca Lynch of the Duo Security Research team for their research that led to identification of these attacks. Cisco Talos is actively monitoring…

Read more →

The security community is still reflecting on the “What If” of the XZ backdoor. This article has been indexed from Cisco Talos Blog Read the original article: The internet is already scary enough without April Fool’s jokes

Read more →

There are also two out-of-bounds write vulnerabilities in the AMD Radeon user mode driver for DirectX 11. This article has been indexed from Cisco Talos Blog Read the original article: Vulnerability in some TP-Link routers could lead to factory reset

Read more →

An April 2023 study from Kent State University found that remote workers are more likely to be vigilant of security threats and take actions to ward them off than their in-office counterparts. This article has been indexed from Cisco Talos…

Read more →

Cisco Talos discovered a new threat actor we’re calling “CoralRaider” that we believe is of Vietnamese origin and financially motivated. CoralRaider has been operating since at least 2023, targeting victims in several Asian and Southeast Asian countries. This article has…

Read more →

While there are many legitimate uses for this software, adversaries are also finding ways to use them for command and control in their campaigns. This article has been indexed from Cisco Talos Blog Read the original article: Adversaries are leveraging…

Read more →