Clik here to view.
Threat Roundup for February 7 to February 14
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Feb. 7 and Feb. 14. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead,...
View ArticleClik here to view.
Beers with Talos Ep. #72: Getting to Patch Day - Understanding Vulnerability...
Beers with Talos (BWT) Podcast episode No. 72 is now available. Download this episode and subscribe to Beers with Talos:If iTunes and Google Play aren't your thing, click here.Recorded Jan. 31,...
View ArticleClik here to view.
Building a bypass with MSBuild
NEWS SUMMARYLiving-off-the-land binaries (LoLBins) continue to pose a risk to security defenders.We analyze the usage of the Microsoft Build Engine by attackers and red team personnel.These threats...
View ArticleClik here to view.
Vulnerability Spotlight: Memory corruption, DoS vulnerabilities in CoTURN
Aleksandar Nikolic of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw.CoTURN contains denial-of-service and memory corruption vulnerabilities in the way its web server parses POST...
View ArticleClik here to view.
Cisco Talos Incident Response "Stories from the Field" #2: When do lawyers...
The second video in our "Stories in the Field" series from Cisco Talos Incident Response is here, with Matt Aubert talking about lawyers.While getting a general counsel involved may seem like an...
View ArticleClik here to view.
ObliqueRAT: New RAT hits victims' endpoints via malicious documents
By Asheer Malhotra.Cisco Talos has observed a malware campaign that utilizes malicious Microsoft Office documents (maldocs) to spread a remote access trojan (RAT) we're calling "ObliqueRAT." These...
View ArticleClik here to view.
Threat Source newsletter (Feb. 20, 2020)
Newsletter compiled by Jon Munshaw.Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week.We’ve got more ways than ever for you to...
View ArticleClik here to view.
Threat Roundup for February 14 to February 21
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Feb. 14 and Feb. 21. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead,...
View ArticleClik here to view.
Vulnerability Spotlight: Multiple vulnerabilities in Moxa AWK-3131A
Jared Rittle and Carl Hurd of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw.The Moxa AWK-3131A networking device contains several different vulnerabilities that an attacker could...
View ArticleClik here to view.
New Research Paper: Prevalence and Impact of Low-Entropy Packing Schemes in...
Detection of malware is a constant battle between the technologies designed to detect and prevent malware and the authors creating them. One common technique adversaries leverage is packing binaries....
View ArticleClik here to view.
Beers with Talos Ep. #73: Feature ownership, vuln advisories and fancy audio FX
Beers with Talos (BWT) Podcast episode No. 73 is now available. Download this episode and subscribe to Beers with Talos:If iTunes and Google Play aren't your thing, click here.Recorded Feb. 19,...
View ArticleClik here to view.
Threat Source newsletter (Feb. 27, 2020)
Newsletter compiled by Jon Munshaw.Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week.We know we’ve kept you waiting for a...
View ArticleClik here to view.
Threat Roundup for February 21 to February 28
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Feb. 21 and Feb. 28. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead,...
View ArticleClik here to view.
Video: What defenders can learn from past ransomware attacks
The Cisco Talos Incident Response "Stories from the Field" video series returns with another entry from Matt Aubert.This time, Matt discusses ransomware infections he's seen in real-time, and shares...
View ArticleClik here to view.
Bisonal: 10 years of play
By Warren Mercer, Paul Rascagneres and Vitor Ventura.Executive summarySecurity researchers detected and exposed the Bisonal malware over the past 10 years. But the Tonto team, the threat actor behind...
View ArticleClik here to view.
Threat Source newsletter (March 5, 2020)
Newsletter compiled by Jon Munshaw.Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week.Sure, all anyone wants to talk about is...
View ArticleClik here to view.
Threat Roundup for February 28 to March 6
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Feb. 28 and March 6. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead,...
View ArticleClik here to view.
Vulnerability Spotlight: WAGO products contain remote code execution, other...
Patrick DeSantis, Carl Hurd, Kelly Leuschner and Lilith [-_-]; of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw.Cisco Talos recently discovered several vulnerabilities in multiple...
View ArticleClik here to view.
Vulnerability Spotlight: Information disclosure in Windows 10 Kernel
Marcin Towalski of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw.Cisco Talos recently discovered an information disclosure vulnerability in the Windows 10 kernel. An attacker could...
View ArticleClik here to view.
Microsoft Patch Tuesday — March 2020: Vulnerability disclosures and Snort...
By Jon Munshaw and Vitor Ventura.Microsoft released its monthly security update today, disclosing vulnerabilities across many of its products and releasing corresponding updates. This month's Patch...
View Article