2017 in Snort Signatures.
This post was written by Martin Lee and Vanja Svajcer. 2017 was an eventful year for cyber security with high profile vulnerabilities that allowed self-replicating worm attacks such as WannaCry and...
Ransom Where? Malicious Cryptocurrency Miners Takeover, Generating Millions
The Dark Side of the Digital Gold Rush. This post was authored by Nick Biasini, Edmund Brumaghin, Warren Mercer and Josh Reynolds with contributions from Azim Khodijbaev and David Liebenberg. Executive...
Flash 0 Day In The Wild: Group 123 At The Controls
This blog post is authored by Warren Mercer and Paul Rascagneres. Executive Summary: The 1st of February, Adobe published an advisory concerning a Flash vulnerability (CVE-2018-4878). This vulnerability...
Beers with Talos EP 22: Forget the ASA, Rob Joyce Favorited Craig’s Tweet
Beers with Talos (BWT) Podcast Episode 22 is now available. Download this episode and subscribe to Beers with Talos: If iTunes and Google Play aren't your thing: www.talosintelligence.com/podcast EP22...
Targeted Attacks In The Middle East
This blog post is authored by Paul Rascagneres with assistance of Martin Lee. Executive Summary: Talos has identified targeted attacks affecting the Middle East. This campaign contains the following...
Threat Round Up for Feb 2 - Feb 9
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between February 2 and February 9. As with previous round-ups, this post isn't meant to be an in-depth analysis....
Olympic Destroyer Takes Aim At Winter Olympics
This blog post is authored by Warren Mercer and Paul Rascagneres. Update 2/12 12:00: We have updated the destructor section with action taken against mapped file shares. Summary: The Winter Olympics this...
Microsoft Patch Tuesday - February 2018
Today Microsoft has released its monthly set of security advisories for vulnerabilities that have been identified and addressed in various products. This month's...
COINHOARDER: Tracking a Ukrainian Bitcoin Phishing Ring DNS Style
This post is authored by Jeremiah O'Connor and Dave Maynor with contributions from Artsiom Holub and Austin McBride. Executive Summary: Cisco has been tracking a bitcoin theft campaign for over 6 months....
Threat Round Up for Feb 9 - Feb 16
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between February 9 and February 16. As with previous round-ups, this post isn't meant to be an in-depth analysis....
Talos Quarterly Threat Briefing - Winter 2018
Date: Tuesday, February 27, 2018. Time: 1:00pm ET/10:00am PT. Topic: Miners, Malspam, and Meltdowns. Register here: http://cs.co/TalosQTB-Q218 Space is limited for this event, so be sure to save your spot....
Beers with Talos EP23 - Eternal Fauxmance: Attribution Easter Eggs
Beers with Talos (BWT) Podcast Episode 23 is now available. Download this episode and subscribe to Beers with Talos: If iTunes and Google Play aren't your thing: www.talosintelligence.com/podcast EP23...
Vulnerability Spotlight: Adobe Acrobat Reader DC Document ID Remote Code...
Discovered by Aleksandar Nikolic of Cisco Talos. Overview: Today, Talos is releasing details of a new vulnerability within Adobe Acrobat Reader DC. Adobe Acrobat Reader is the most popular and most...
Threat Round Up for Feb 16 - 23
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between February 16 and February 23. As with previous round-ups, this post isn't meant to be an in-depth analysis....
Who Wasn’t Responsible for Olympic Destroyer?
This blog post is authored by Paul Rascagneres and Martin Lee. Summary: Evidence linking the Olympic Destroyer malware to a specific threat actor group is contradictory, and does not allow for unambiguous...
CannibalRAT targets Brazil
This post was authored by Warren Mercer and Vitor Ventura. Introduction: Talos has identified two different versions of a RAT, otherwise known as a remote access trojan, that has been written entirely in...
Vulnerability Spotlight: Dovecot out-of-bounds Read Vulnerability
Vulnerability Spotlight: Simple DirectMedia Layer’s SDL2_Image
Overview: Talos is disclosing several vulnerabilities identified in Simple DirectMedia Layer's SDL2_Image library that could allow code execution. Simple DirectMedia Layer is a cross-platform development...
Gozi ISFB Remains Active in 2018, Leverages "Dark Cloud" Botnet For Distribution
This blog post was authored by Edmund Brumaghin and Holger Unterbrink, with contributions from Adam Weller. Executive Summary: Gozi ISFB is a well-known and widely distributed banking trojan, and has been...
Beers with Talos EP24: Reflections on DDoS and Bad Authentication Schemes
Beers with Talos (BWT) Podcast Episode 24 is now available. Download this episode and subscribe to Beers with Talos: If iTunes and Google Play aren't your thing: www.talosintelligence.com/podcast EP24...