Tag: Cisco Talos Blog

There is also a newly disclosed vulnerability in a graphics driver for some NVIDIA GPUs that could lead to a memory leak. This article has been indexed from Cisco Talos Blog Read the original article: Netgear wireless router open to…

Read more →

Research conducted by Cisco Talos last year has uncovered multiple vulnerabilities that were rated as low-severity despite their ability to allow for full arbitrary code execution. This article examines the exploitation process step-by-step. This article has been indexed from Cisco…

Read more →

Talos explores the recent law enforcement takedown of LockBit, a prolific ransomware group that claimed to resume their operations 7 days later. This article has been indexed from Cisco Talos Blog Read the original article: The LockBit story: Why the ransomware…

Read more →

There are a few reasons why we’re so ready to jump to the “it’s a cyber attack!” This article has been indexed from Cisco Talos Blog Read the original article: Not everything has to be a massive, global cyber attack

Read more →

Talos IR has responded to several recent incidents in which threat actors used legitimate digital document publishing sites such as Publuu and Marq to host phishing documents as part of ongoing credential and session harvesting attacks. This article has been…

Read more →

March’s Patch Tuesday is relatively light, containing 60 vulnerabilities — only two labeled “critical.” This article has been indexed from Cisco Talos Blog Read the original article: Another Patch Tuesday with no zero-days, only two critical vulnerabilities disclosed by Microsoft

Read more →

It’s important to be vigilant about tax-related scams any time these deadlines roll around, regardless of what country you’re in, but it’s not like you need to be particularly more skeptical in March and April. This article has been indexed…

Read more →

We discuss three of the most common post-compromise tactics that Talos has observed in our threat telemetry and Cisco Talos Incident Response (Talos IR) engagements. These include modifying the device’s firmware, uploading customized/weaponized firmware, and bypassing security measures. This article…

Read more →

Analysis of the traffic between networked devices has always been of interest since devices could even communicate with one another.  As the complexity of networks grew, the more useful dedicated traffic analysis tools became. Major advancements have been made over…

Read more →

Cisco Talos observed a surge in GhostSec, a hacking group’s malicious activities since this past year. GhostSec has evolved with a new GhostLocker 2.0 ransomware, a Golang variant of the GhostLocker ransomware. This article has been indexed from Cisco Talos…

Read more →

. The bulk of her career was with a manufacturing company working as a security and email administrator, but she uses her criminal justice degree daily now with Talos IR helping to track down bad actors or helping customers understand…

Read more →

Apple’s newest encryption technology, called PQ3, now secures iMessages with end-to-end encryption that is quantum-resistant. This article has been indexed from Cisco Talos Blog Read the original article: Why Apple added protection against quantum computing when quantum computing doesn’t even…

Read more →

Other potential code execution vulnerabilities are also present in Weston Embedded µC/HTTP-server, a web server component in Weston Embedded’s in-house operating system and an open-source library that processes several types of potentially sensitive medical tests. This article has been indexed…

Read more →

As we begin a new year, we wanted to address one of the biggest issues we consistently see in our investigations: passive security.  Incident response engagements are an important part of our work and the intelligence-gathering process and their associated…

Read more →

Talos has observed a phishing spam campaign targeting potential victims in Mexico, luring users to download a new obfuscated information stealer we’re calling TimbreStealer, which has been active since at least November 2023. This article has been indexed from Cisco…

Read more →

Fake news, disinformation, misinformation – whatever label you want to put on it – will not just go away if one election in the U.S. goes one way or the other. This article has been indexed from Cisco Talos Blog…

Read more →

Cisco Talos, in cooperation with CERT.NGO, has discovered new malicious components used by the Turla APT. New findings from Talos illustrate the inner workings of the command and control (C2) scripts deployed on the compromised WordPress servers utilized in the…

Read more →

While distilling risk down to a simple numerical score is helpful for many in the security space, it is also an imperfect system that can often leave out important context. This article has been indexed from Cisco Talos Blog Read…

Read more →

Google Cloud Run is currently being abused in high-volume malware distribution campaigns, spreading several banking trojans such as Astaroth (aka Guildma), Mekotio and Ousaban to targets across Latin America and Europe. The volume of emails associated with these campaigns has…

Read more →

There was about a 24-hour period where many news outlets reported on a reported DDoS attack that involved a botnet made up of thousands of internet-connected toothbrushes. This article has been indexed from Cisco Talos Blog Read the original article:…

Read more →