What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
2022-02-24 13:03:04 Current executive guidance for ongoing cyberattacks in Ukraine (direct link) Cyber threat activity against Ukraine, and around the world, has long been a central focus of our work. We continue to monitor the Ukraine-Russia situation by enacting a comprehensive, Talos-wide effort to provide support to our partners and customers. These actions include issuing new Cisco... [[ This is only the beginning! Please visit the blog for the complete entry ]] Threat
2022-02-23 08:58:01 Vulnerability Spotlight: Buffer overflow vulnerabilities in Accusoft ImageGear could lead to code execution (direct link) Francesco Benvenuto and Emmanuel Tacheau of Cisco Talos and another team member discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered multiple vulnerabilities in Accusoft ImageGear. The ImageGear library is a document-imaging developer toolkit that... [[ This is only the beginning! Please visit the blog for the complete entry ]]
2022-02-22 05:02:14 Time to secure hybrid work for 2022, not 2002 (direct link) By Nick Biasini, with contributions from Vitor Ventura. The cyber world today is chaotic, as the continual escalation in malicious activities from state-sponsored actors and criminal organizations has made being a defender an increasingly difficult task. Complicating matters is the ongoing... [[ This is only the beginning! Please visit the blog for the complete entry ]]
2022-02-18 14:33:21 (Déjà vu) Threat Roundup for February 11 to February 18 (direct link) Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Feb. 11 and Feb. 18. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,... [[ This is only the beginning! Please visit the blog for the complete entry ]]
2022-02-16 11:15:13 Vulnerability Spotlight: Vulnerability in Hancom Office could lead to memory corruption, code execution (direct link) Marcin “Icewall” Noga of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered a vulnerability in Hancom Office - a popular software suite in South Korea - that could allow an attacker to corrupt memory on the targeted machine or execute remote... [[ This is only the beginning! Please visit the blog for the complete entry ]] Vulnerability
2022-02-11 13:22:38 Vulnerability Spotlight: Vulnerabilities in Moxa MXView could allow attacker to view sensitive information, bypass login (direct link) Patrick DeSantis of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered two vulnerabilities in Moxa's MXview network management software that could allow an attacker to view sensitive data or bypass the need to log into the device. MXview... [[ This is only the beginning! Please visit the blog for the complete entry ]]
2022-02-11 11:28:27 (Déjà vu) Threat Roundup for February 4 to February 11 (direct link) Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Feb. 4 and Feb. 11. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,... [[ This is only the beginning! Please visit the blog for the complete entry ]]
2022-02-11 09:07:38 (Déjà vu) Beers with Talos, Ep. #116: Let's wade into the MuddyWater filled with Vipers (direct link) Beers with Talos (BWT) Podcast episode No. 116 is now available. Download this episode and subscribe to Beers with Talos: Apple Podcasts, Google Podcasts, Spotify, Stitcher. Recorded Feb. 4, 2022. If iTunes and Google Play aren't your thing, click here. Most people... [[ This is only the beginning! Please visit the blog for the complete entry ]]
2022-02-09 05:06:14 What's with the shared VBA code between Transparent Tribe and other threat actors? (direct link) By Vanja Svajcer and Vitor Ventura. Recently, we've been researching several threat actors operating in South Asia: Transparent Tribe, SideCopy, etc., that deploy a range of remote access trojans (RATs). After a hunting session in our malware sample repositories and VirusTotal while looking into... [[ This is only the beginning! Please visit the blog for the complete entry ]] Threat Malware APT 36
2022-02-08 10:57:01 (Déjà vu) Microsoft Patch Tuesday for Feb. 2022 - Snort rules and prominent vulnerabilities (direct link) By Jon Munshaw and Chris Neal. Microsoft released its monthly security update Tuesday, disclosing 51 vulnerabilities across its large collection of hardware and software. None of the vulnerabilities disclosed this month are considered “critical,” an extreme rarity for the company's... [[ This is only the beginning! Please visit the blog for the complete entry ]]
2022-02-07 06:55:37 (Déjà vu) Vulnerability Spotlight: Use-after-free in Google Chrome could lead to code execution (direct link) Marcin Towalski of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered an exploitable use-after-free vulnerability in Google Chrome. Google Chrome is a cross-platform web browser - and Chromium is the open-source version of the browser... [[ This is only the beginning! Please visit the blog for the complete entry ]] Vulnerability
2022-02-02 06:15:16 Vulnerability Spotlight: Multiple vulnerabilities in Sealevel SeaConnect (direct link) Francesco Benvenuto and Matt Wiseman of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered several vulnerabilities in Sealevel Systems Inc.'s SeaConnect internet-of-things edge device - many of which could allow an attacker to conduct a... [[ This is only the beginning! Please visit the blog for the complete entry ]]
2022-02-02 05:04:10 Arid Viper APT targets Palestine with new wave of politically themed phishing attacks, malware (direct link) By Asheer Malhotra and Vitor Ventura. Cisco Talos has observed a new wave of Delphi malware called Micropsia developed and operated by the Arid Viper APT group since 2017. This campaign targets Palestinian entities and activists using politically themed lures. The latest iteration of the implant... [[ This is only the beginning! Please visit the blog for the complete entry ]] Malware APT-C-23
2022-01-31 06:43:31 Vulnerability Spotlight: Memory corruption and use-after-free vulnerabilities in Foxit PDF Reader (direct link) Aleksandar Nikolic of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered a memory corruption and use-after-free vulnerability in the Foxit PDF Reader. Foxit PDF Reader is one of the most popular PDF document readers currently... [[ This is only the beginning! Please visit the blog for the complete entry ]] Vulnerability
2022-01-31 05:01:03 Iranian APT MuddyWater targets Turkish users via malicious PDFs, executables (direct link) By Asheer Malhotra and Vitor Ventura. Cisco Talos has observed a new campaign targeting Turkish private organizations alongside governmental institutions. Talos attributes this campaign with high confidence to MuddyWater - an APT group recently attributed to Iran's Ministry of Intelligence and... [[ This is only the beginning! Please visit the blog for the complete entry ]]
2022-01-28 12:21:33 (Déjà vu) Threat Roundup for January 21 to January 28 (direct link) Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Jan. 21 and Jan. 28. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,... [[ This is only the beginning! Please visit the blog for the complete entry ]]
2022-01-27 11:00:00 Threat Source Newsletter (Jan. 27, 2022) (direct link) Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. It's great to have New Year's resolutions and all. But we don't want you taking the wrong lessons away from 2021, either. Like just because Log4j happened doesn't mean you should stop logging or stop using open-source... [[ This is only the beginning! Please visit the blog for the complete entry ]]
2022-01-27 08:12:08 (Déjà vu) Beers with Talos, Ep. #115: Everybody's measured by quarters - even threat actors (direct link) Beers with Talos (BWT) Podcast episode No. 115 is now available. Download this episode and subscribe to Beers with Talos: Apple Podcasts, Google Podcasts, Spotify, Stitcher. Recorded Jan. 14, 2022. If iTunes and Google Play aren't your thing, click here. We wanted... [[ This is only the beginning! Please visit the blog for the complete entry ]] Threat ★★★★
2022-01-26 13:09:42 Vulnerability Spotlight: WiFi-connected security camera could be manipulated to spy on communications, among other malicious actions (direct link) Francesco Benvenuto of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered several vulnerabilities in the Reolink RLC-410W security camera that could allow an attacker to perform several malicious actions, including performing man-in-the-middle... [[ This is only the beginning! Please visit the blog for the complete entry ]]
2022-01-25 09:31:20 Vulnerability Spotlight: Vulnerability in Apple iOS, iPad OS and MacOS could lead to disclosure of sensitive memory data (direct link) Jaewon Min of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered an out-of-bounds read vulnerability in Apple's macOS and iOS operating systems that could lead to the disclosure of sensitive memory content. An attacker could capitalize on that... [[ This is only the beginning! Please visit the blog for the complete entry ]] Guideline Vulnerability
2022-01-22 05:45:18 Talos Incident Response year-in-review for 2021 (direct link) By David Liebenberg. Cisco Talos Incident Response (CTIR), as with everyone else in the cybersecurity world, dealt with a bevy of threats last year, as responders dealt with an expanding set of ransomware adversaries and several major cybersecurity incidents affecting organizations worldwide,... [[ This is only the beginning! Please visit the blog for the complete entry ]] Ransomware
2022-01-21 12:19:42 Ukraine Campaign Delivers Defacement and Wipers, in Continued Escalation (direct link) Authored by Nick Biasini and Chris Neal with Contributions from Dmytro Korzhevin. Several cyber attacks against Ukrainian government websites - including website defacements and destructive wiper malware - have made headlines over the past few weeks as military tensions along the Russian/Ukrainian... [[ This is only the beginning! Please visit the blog for the complete entry ]] Malware
2022-01-21 11:38:09 (Déjà vu) Threat Roundup for January 14 to January 21 (direct link) Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Jan. 14 and Jan. 21. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,... [[ This is only the beginning! Please visit the blog for the complete entry ]]
2022-01-20 11:00:00 Threat Source Newsletter (Jan. 20, 2022) (direct link) Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. Even though we're nearly a month into 2022, we're still not quite ready to move on from 2021. That's why next week, we'll be going live on social media to talk about some of the top cybersecurity stories from the past... [[ This is only the beginning! Please visit the blog for the complete entry ]]
2022-01-14 14:20:45 (Déjà vu) Threat Roundup for January 7 to January 14 (direct link) Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Jan. 7 and Jan. 14. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,... [[ This is only the beginning! Please visit the blog for the complete entry ]]
2022-01-14 07:16:05 Talos Takes Ep. #82: Log4j followed us in 2022 (direct link) By Jon Munshaw. The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. It's a new year, but unfortunately, we're facing the same cybersecurity problems. Log4j followed us into the holidays,... [[ This is only the beginning! Please visit the blog for the complete entry ]]
2022-01-13 11:00:00 Threat Source Newsletter (Jan. 13, 2022) (direct link) Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. Move out of the way, Log4j! Traditional malware is back with a bang in 2022. While Log4j is likely still occupying many defenders' minds, the bad guys are still out there doing not-Log4j things. We have new research out... [[ This is only the beginning! Please visit the blog for the complete entry ]] Malware
2022-01-13 07:22:29 (Déjà vu) Beers with Talos, Ep. #114: And then there were two... (direct link) Beers with Talos (BWT) Podcast episode No. 114 is now available. Download this episode and subscribe to Beers with Talos: Apple Podcasts, Google Podcasts, Spotify, Stitcher. Recorded Dec. 9, 2021. If iTunes and Google Play aren't your thing, click here. We joked... [[ This is only the beginning! Please visit the blog for the complete entry ]]
2022-01-12 05:02:08 Nanocore, Netwire and AsyncRAT spreading campaign uses public cloud infrastructure (direct link) By Chetan Raghuprasad and Vanja Svajcer. Cisco Talos discovered a malicious campaign in October 2021 delivering variants of Nanocore, Netwire and AsyncRATs targeting user's information. According to Cisco Secure product telemetry, the victims of this campaign are primarily distributed across the... [[ This is only the beginning! Please visit the blog for the complete entry ]]
2022-01-11 14:12:07 Microsoft Patch Tuesday for Jan. 2022 - Snort rules and prominent vulnerabilities (direct link) By Jon Munshaw and Vitor Ventura. Microsoft released its monthly security update Tuesday, disclosing 102 vulnerabilities across its large collection of hardware and software. This is the largest amount of vulnerabilities Microsoft has disclosed in a monthly security update in eight months,... [[ This is only the beginning! Please visit the blog for the complete entry ]]
2022-01-11 09:09:41 Vulnerability Spotlight: Two vulnerabilities in Adobe Acrobat DC could lead to arbitrary code execution (direct link) Aleksandar Nikolic of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered two vulnerabilities in Adobe Acrobat Reader DC that could allow an attacker to eventually gain the ability to execute arbitrary code. Acrobat is one of the most... [[ This is only the beginning! Please visit the blog for the complete entry ]]
2022-01-11 07:07:00 (Déjà vu) Vulnerability Spotlight: Heap buffer overflow condition in Google Chrome could lead to code execution (direct link) Marcin Towalski of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered an exploitable heap-based buffer overflow vulnerability in Google Chrome. Google Chrome is a cross-platform web browser - and Chromium is the open-source version of... [[ This is only the beginning! Please visit the blog for the complete entry ]] Vulnerability
2022-01-10 06:45:06 Vulnerability Spotlight: Buffer overflow vulnerability in AnyCubic Chitubox plugin (direct link) Carl Hurd of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered an exploitable heap-based buffer overflow vulnerability in the Chitubox AnyCubic plugin. Chitubox is 3-D printing software for users to download and process models and send them... [[ This is only the beginning! Please visit the blog for the complete entry ]] Vulnerability
2022-01-07 13:41:01 (Déjà vu) Threat Roundup for December 31 to January 7 (direct link) Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Dec. 31 and Jan. 7. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,... [[ This is only the beginning! Please visit the blog for the complete entry ]]
2022-01-06 11:00:00 Threat Source Newsletter (Jan. 6, 2022) (direct link) Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. We hope everyone had some well-deserved, relaxing time off over the holidays. Unfortunately, we are all back now and Log4j is still an issue. And even though it seems like Log4j has already been in the news for a year,... [[ This is only the beginning! Please visit the blog for the complete entry ]]
2021-12-27 06:00:00 2021: Looking back on the year in malware and cyber attacks, from SolarWinds to Log4j (direct link) By Jon Munshaw. It seems like we were just recovering from the aftermath of the massive SolarWinds campaign a month or two ago. And now suddenly, it's been a year since one of the largest cyber attacks in history and moving onto another threat that could last for years. That just seemed to be... [[ This is only the beginning! Please visit the blog for the complete entry ]] Threat Malware
2021-12-21 07:21:38 (Déjà vu) Vulnerability Spotlight: Vulnerabilities in DaVinci Resolve video editing software could lead to code execution (direct link) A Cisco Talos team member discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered two vulnerabilities in the DaVinci Resolve video editing software that could allow an adversary to execute code in the context of the application. DaVinci Resolve is a... [[ This is only the beginning! Please visit the blog for the complete entry ]]
2021-12-20 08:12:21 Vulnerability Spotlight: Vulnerabilities in metal detector peripheral could allow attackers to manipulate security devices (direct link) Matt Wiseman of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered multiple vulnerabilities in a device from Garrett Metal Detectors that could allow remote attackers to bypass authentication requirements, manipulate metal detector... [[ This is only the beginning! Please visit the blog for the complete entry ]]
2021-12-16 11:26:20 Threat Source Newsletter (Dec. 16, 2021) (direct link) Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. I'm just going to cut to the chase since I know all anyone wants to read about is Log4J. For the latest Talos research, continually check back on our blog post here. Above is the live stream we recorded Monday morning... [[ This is only the beginning! Please visit the blog for the complete entry ]]
2021-12-15 09:02:19 (Déjà vu) Beers with Talos, Ep. #112: A new host approaches! (direct link) Beers with Talos (BWT) Podcast episode No. 112 is now available. Download this episode and subscribe to Beers with Talos: Apple Podcasts, Google Podcasts, Spotify, Stitcher. If iTunes and Google Play aren't your thing, click here. We promised it wouldn't be long... [[ This is only the beginning! Please visit the blog for the complete entry ]]
2021-12-10 13:17:14 (Déjà vu) Threat Roundup for December 3 to December 10 (direct link) Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Dec. 3 and Dec. 10. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral... [[ This is only the beginning! Please visit the blog for the complete entry ]]
2021-12-10 11:49:54 Threat Advisory: Critical Apache Log4j vulnerability being exploited in the wild (direct link) Cisco Talos is aware of CVE-2021-44228, an actively exploited vulnerability in Apache Log4j. We are releasing coverage to defend against the exploitation of this vulnerability, which you can find below. The vulnerability affects a widely used Java logging library that many large organizations may... [[ This is only the beginning! Please visit the blog for the complete entry ]] Vulnerability
2021-12-10 11:30:36 Talos Takes Ep. #80: I'll have a blue Christmas without a CTIR retainer (direct link) By Jon Munshaw. The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. It's the holiday season, which means last-minute shopping, family time and cheer. Oh, and it's never a bad time to... [[ This is only the beginning! Please visit the blog for the complete entry ]]
2021-12-09 11:00:00 Threat Source Newsletter (Dec. 9, 2021) (direct link) Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. The good news keeps rolling in for our Incident Response team, who received another accolade by being featured in Forrester's recent quarterly report on the incident readiness industry. This comes on the heels of the team... [[ This is only the beginning! Please visit the blog for the complete entry ]]
2021-12-07 06:00:08 Cisco recognized by Forrester as cybersecurity incident response services provider (direct link) By Brad Garnett. Cisco Talos Incident Response is proud to announce that Forrester has recognized us by including Cisco in the new Forrester report “Now Tech: Cybersecurity Incident Response Services, Q4 2021.” The Forrester report provides an overview of 36 Cybersecurity Incident Response... [[ This is only the beginning! Please visit the blog for the complete entry ]]
2021-12-03 12:03:18 (Déjà vu) Threat Roundup for November 26 to December 3 (direct link) Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Nov. 26 and Dec. 3. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,... [[ This is only the beginning! Please visit the blog for the complete entry ]]
2021-12-03 07:46:29 Talos Takes Ep. #79: Emotet's back with the worst type of holiday present (direct link) By Jon Munshaw. The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. Emotet is back, and it brought the worst possible holiday present (just in time for peak spam season, too!). We... [[ This is only the beginning! Please visit the blog for the complete entry ]] Spam
2021-12-02 11:00:00 Threat Source Newsletter (Dec. 2, 2021) (direct link) Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. The Thanksgiving holiday in the U.S. didn't slow us down at all, even though we were all still trying to sleep off the food coma from the long weekend. But we came back this week with lots of fun content. Cisco received... [[ This is only the beginning! Please visit the blog for the complete entry ]]
2021-12-02 05:00:01 Magnat campaigns use malvertising to deliver information stealer, backdoor and malicious Chrome extension (direct link) By Tiago Pereira. Talos recently observed a malicious campaign offering fake installers of popular software as bait to get users to execute malware on their systems. This campaign includes a set of malware distribution campaigns that started in late 2018 and have targeted mainly Canada, along... [[ This is only the beginning! Please visit the blog for the complete entry ]] Malware
2021-12-01 05:23:18 (Déjà vu) Vulnerability Spotlight: Use-after-free condition in Google Chrome could lead to code execution (direct link) Marcin Towalski of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered an exploitable use-after-free vulnerability in Google Chrome. Google Chrome is a cross-platform web browser - and Chromium is the open-source version of the browser... [[ This is only the beginning! Please visit the blog for the complete entry ]] Vulnerability
Last update at: 2024-05-30 03:08:24