Clik here to view.
Abusing with style: Leveraging cascading style sheets for evasion and tracking
Cisco Talos has identified actors abusing Cascading Style Sheets (CSS) to 1) evade spam filters and detection engines, and 2) track users’ actions and preferences. This blog is a follow-up to our...
View ArticleClik here to view.
Patch it up: Old vulnerabilities are everyone’s problems
Welcome to this week’s edition of the Threat Source newsletter.Let's pick up where we left off in my last newsletter. Please mark your calendars: The free support for Windows 10 will end on October 14,...
View ArticleClik here to view.
Miniaudio and Adobe Acrobat Reader vulnerabilities
Cisco Talos’ Vulnerability Discovery & Research team recently disclosed a Miniaudio and three Adobe vulnerabilities. The vulnerabilities mentioned in this blog post have been patched by their...
View ArticleClik here to view.
UAT-5918 targets critical infrastructure entities in Taiwan
By Jung soo An, Asheer Malhotra, Brandon White, and Vitor Ventura.Cisco Talos discovered a malicious campaign we track under the UAT-5918 umbrella that has been active since at least 2023. UAT-5918, a...
View ArticleClik here to view.
Tomorrow, and tomorrow, and tomorrow: Information security and the Baseball...
Welcome to this week’s edition of the Threat Source newsletter. “Tomorrow, and tomorrow, and tomorrow / Creeps in this petty pace from day to day / To the last syllable of recorded time.” -...
View ArticleClik here to view.
Money Laundering 101, and why Joe is worried
Welcome to this week’s edition of the Threat Source newsletter. Howdy friends! One of things I learned early on in cyber security is that crime does, in fact, pay. It can pay very well, actually. If it...
View ArticleClik here to view.
Gamaredon campaign abuses LNK files to distribute Remcos backdoor
Cisco Talos is actively tracking an ongoing campaign targeting users in Ukraine with malicious LNK files, which run a PowerShell downloader, since at least November 2024. The file names use Russian...
View ArticleClik here to view.
Available now: 2024 Year in Review
Welcome to Cisco Talos’ 2024 Year in Review, available for download now. This report is powered by threat telemetry from over 46 million global devices across 193 countries and regions, amounting to...
View ArticleClik here to view.
Beers with Talos: Year in Review episode
Joe, Hazel, Bill and Dave break down Talos' Year in Review 2024 and discuss how and why cybercriminals have been leaning so heavily on attacks that are routed in stealth in simplicity. The team also...
View ArticleClik here to view.
One mighty fine-looking report
Welcome to this week’s edition of the Threat Source newsletter. They say art is subjective, but have you ever seen a well-formatted bar chart? Van Gogh had Starry Night, but Talos’ 2024 Year in Review...
View ArticleClik here to view.
Year in Review: In conversation with the report's authors
🎥 Talos Year in Review 2024: Part 1 & 2 – Watch Now!Another year, another mountain of malicious telemetry to sift through. I spoke with a few of Talos' Year in Review authors, freshly out of the...
View ArticleClik here to view.
Year in Review: Key vulnerabilities, tools, and shifts in attacker email tactics
Over the next few weeks, we’re breaking down the most critical sections of our 2024 Year in Review.This week, we examine the most frequently targeted vulnerabilities—particularly those affecting...
View ArticleClik here to view.
Microsoft Patch Tuesday for April 2025 — Snort rules and prominent...
Microsoft has released its monthly security update for April of 2025 which includes 126 vulnerabilities affecting a range of products, including 11 that Microsoft marked as “critical”. In this month's...
View ArticleClik here to view.
Unraveling the U.S. toll road smishing scams
Cisco Talos has observed a widespread and ongoing financial theft SMS phishing (smishing) campaign since October 2024 that targets toll road users in the United States of America. We observed that the...
View ArticleClik here to view.
Threat actors thrive in chaos
Welcome to this week’s edition of the Threat Source newsletter. If there’s one thing that threat actors love, it’s chaos. Headlines in the news that provoke an emotional response make excellent...
View ArticleClik here to view.
Year in Review: The biggest trends in ransomware
This week, our Year in Review spotlight is on ransomware—where low-profile tactics led to high-impact consequences.Ransomware operators often prioritized stealth over complexity for initial access....
View ArticleClik here to view.
Eclipse and STMicroelectronics vulnerabilities
Cisco Talos’ Vulnerability Discovery & Research team recently disclosed three vulnerabilities found in Eclipse ThreadX and four vulnerabilities in STMicroelectronics. The vulnerabilities...
View ArticleClik here to view.
Unmasking the new XorDDoS controller and infrastructure
Cisco Talos observed an existing distributed denial-of-service (DDoS) malware known as XorDDoS, continuing to spread globally between November 2023 and February 2025. A significant finding shows that...
View ArticleClik here to view.
Care what you share
Welcome to this week’s edition of the Threat Source newsletter. As we navigate our daily routines, certain tasks become second nature to us, especially if they are integral to our professions. However,...
View ArticleClik here to view.
Year in Review: Attacks on identity and MFA
For our third focussed topic for Talos' 2024 Year in Review, we tell the story of how identity has become the pivot point for adversarial campaigns.The main themes of this story are credential abuse,...
View Article