Cisco Talos

SQUIRRELWAFFLE Leverages malspam to deliver Qakbot, Cobalt Strike

By: Edmund Brumaghin
By Edmund Brumaghin, Mariano Graziano and Nick Mavis. Executive summary: Recently, a new threat, referred to as "SQUIRRELWAFFLE", is being spread more widely via spam campaigns, infecting systems with a new malware loader. This is a malware family that's been spread with increasing regularity and...

[[ This is only the beginning! Please visit the blog for the complete entry ]]
βœ‡ Cisco Talos

Threat Roundup for October 15 to October 22

By: William Largent
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Oct. 15 and Oct. 22. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...


Threat Source newsletter (Oct. 21, 2021)

By: Jon Munshaw
Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. We're writing this on Wednesday for PTO reasons, so apologies if we miss any major news that happens after Wednesday afternoon. Above, you can watch our awesome live stream from Monday with Brad Garnett from...


Malicious campaign uses a barrage of commodity RATs to target Afghanistan and India

By: Unknown
Cisco Talos recently discovered a threat actor using political and government-themed malicious domains to target entities in India and Afghanistan. These attacks use dcRAT and QuasarRAT for Windows delivered via malicious documents exploiting CVE-2017-11882 — a memory corruption vulnerability in...


Beers with Talos, Ep. #110: The 10 most-exploited vulnerabilities this year (You won't believe No. 6!)

By: Jon Munshaw
Beers with Talos (BWT) Podcast episode No. 110 is now available. Download this episode and subscribe to Beers with Talos: Apple Podcasts, Google Podcasts, Spotify, Stitcher. If iTunes and Google Play aren't your thing, click here. We mainly spend this episode doing some catching up...


Vulnerability Spotlight: Multiple vulnerabilities in ZTE MF971R LTE router

By: Jon Munshaw
Marcin “Icewall” Noga of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered multiple vulnerabilities in the ZTE MF971R LTE portable router. The MF971R is a portable router with Wi-Fi support and works as an LTE/GSM modem. An attacker could...


Threat Roundup for October 8 to October 15

By: William Largent
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Oct. 8 and Oct. 15. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...


Talos Takes Ep. #73 (NCSAM edition): Fight the phish from land, sea and air

By: Jon Munshaw
By Jon Munshaw. The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. Most people may think of spam as being the classic email promising that you've won the lottery or some great prize,...


Threat Source newsletter (Oct. 14, 2021)

By: Jon Munshaw
Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. It's still Cybersecurity Awareness Month, and what better way to celebrate by patching and then patching some more? This week was Microsoft Patch Tuesday, which only included two critical vulnerabilities, but still...


Vulnerability Spotlight: Code execution vulnerabilities in Nitro Pro PDF

By: Jon Munshaw
A Cisco Talos team member discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered multiple vulnerabilities in the Nitro Pro PDF reader that could allow an attacker to execute code in the context of the application. Nitro Pro PDF is part of Nitro Software’s...


Vulnerability Spotlight: Use-after-free vulnerability in Microsoft Excel could lead to code execution

By: Jon Munshaw
Marcin “Icewall” Noga of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered a use-after-free vulnerability in the ConditionalFormatting functionality of Microsoft Office Excel 2019 that could allow an attacker to execute arbitrary code on the...


Microsoft Patch Tuesday for Oct. 2021 — Snort rules and prominent vulnerabilities

By: Jon Munshaw
By Jon Munshaw, with contributions from Asheer Malhotra. Microsoft released its monthly security update Tuesday, disclosing 78 vulnerabilities in the company’s various software, hardware and firmware offerings. This month’s release is particularly notable because there are only...


Vulnerability Spotlight: Vulnerabilities in Anker Eufy Homebase could lead to code execution, buffer overflows

By: Jon Munshaw
Lilith >_> of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered two vulnerabilities in the Anker Eufy Homebase. The Eufy Homebase 2 is the video storage and networking gateway that works with Anker’s Eufy Smarthome ecosystem. All Eufy...


Threat Roundup for October 1 to October 8

By: William Largent
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Oct. 1 and Oct. 8. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...


Talos Takes Ep. #71 (NCSAM edition): Reflecting on ransomware in 2021

By: Jon Munshaw
By Jon Munshaw. The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. We are far from the first (or last) people to say this, but 2021 is the year of ransomware. It’s by far the biggest story...


Threat Advisory: Apache HTTP Server zero-day vulnerability opens door for attackers

By: Nick Biasini
A recently discovered vulnerability in Apache HTTP Server (CVE-2021-41733) is being actively exploited in the wild. This vulnerability is a path traversal and file disclosure vulnerability that could allow an attacker to map URLs outside of the document root. It could also result in the exposure...


Threat Source newsletter (Oct. 7, 2021)

By: Jon Munshaw
Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. Every day, we see mountains and mountains of data. So how do we comb through all of it to find out what's important to customers and users? Well, there are many ways, but we wanted to give readers and researchers a look...


Threat hunting in large datasets by clustering security events

By: Tiago Pereira
By Tiago Pereira. Security tools can produce very large amounts of data that even the most sophisticated organizations may struggle to manage. Big data processing tools, such as Spark, can be a powerful tool in the arsenal of security teams. This post walks through threat hunting on large datasets...


Threat Roundup for September 24 to October 1

By: William Largent
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Sept. 24 and Oct. 1. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...
