Channel: Cisco Talos Blog
Browsing all 2026 articles

What is threat hunting?

Many organizations are curious about the idea of threat hunting, but what does this really entail? What should you be hunting for? And what do you need to put in place to threat hunt properly? Four...


New SugarGh0st RAT targets Uzbekistan government and South Korea

Cisco Talos recently discovered a malicious campaign that likely started as early as August 2023, delivering a new remote access trojan (RAT) we dubbed “SugarGh0st.” We found evidence suggesting the...


$19 Stanely cups, fake Amazon Prime memberships all part of holiday shopping...

I know I’m a little late to the party to hit the prime SEO for Black Friday, Cyber Monday and holiday shopping. But if I know the readers of this newsletter, everyone is far from done with their...


Project PowerUp – Helping to keep the lights on in Ukraine in the face of...

As Russia’s invasion of Ukraine entered its first winter in late 2022, nearly half of Ukraine’s energy infrastructure had been destroyed, leaving millions without power. The resulting energy deficit...


The malware, attacker trends and more that shaped the threat landscape in 2023

The 2023 Cisco Talos Year in Review is now available to download. Once again, the Talos team has meticulously combed through a massive amount of data to analyze the major trends that have shaped the...


Beers with Talos episode 141: The TurkeyLurkey Man wants YOU to read Talos'...

In this episode the Beers with Talos team, led by special guest Dave Liebenberg, set out to save Thanksgiving. The TurkeyLurkey man is the hero that everybody needs, but perhaps don't deserve. For fans...


Remote code execution vulnerabilities found in Buildroot, Foxit PDF Reader

Cisco Talos has disclosed 10 vulnerabilities over the past two weeks, including nine that exist in a popular online PDF reader that offers a browser plugin. Attackers could exploit these...


Cybersecurity considerations to have when shopping for holiday gifts

As I wrote about last week, there are holiday shopping-related scams already popping up all over the place. But another aspect of security that many shoppers don’t consider this time of year is the...


Video: Talos 2023 Year in Review highlights

In this video, experts from across Cisco Talos came together to discuss the 2023 Talos Year in Review. We chat about what’s new, what’s stayed the same, and how the geopolitical environment has...


Operation Blacksmith: Lazarus targets organizations worldwide using novel...

Cisco Talos recently discovered a new campaign conducted by the Lazarus Group we’re calling “Operation Blacksmith,” employing at least three new DLang-based malware families, two of which are remote...


Microsoft releases lightest Patch Tuesday in three years, no zero-days disclosed

Microsoft’s monthly security update released Tuesday is the company’s lightest in four years, including only 33 vulnerabilities. Perhaps more notable is that there are no zero-day vulnerabilities...


Recommendations that defenders can use from Talos’ Year in Review Report

The Talos Year in Review is available now and contains a wealth of insights about how the threat landscape has shifted in 2023. With new ransomware strains emerging from leaked source code, commodity...


A personal Year in Review to round out 2023

As you’ve probably seen by now, Talos released our 2023 Year in Review report last week. It’s an extremely comprehensive look at the top threats, attacker trends and malware families from the past year...


Year in Malware 2023: Recapping the major cybersecurity stories of the past year

If there is anything the cybersecurity world learned in 2023, it’s that you can never count any bad guy out. Botnets kept coming back from the dead, ransomware actors found new ways to make money...


Intellexa and Cytrox: From fixer-upper to Intel Agency-grade spyware

By Mike Gentile, Asheer Malhotra and Vitor Ventura. Editor’s note: This blog post is a public version of a talk presented at LabsCon 2023 on Sept. 22, 2023. You can watch a recording of the talk here....


Video series discussing the major threat actor trends from 2023

In this video series, Talos’ Director of Threat Intelligence and Interdiction Matt Olney and Head of Outreach Nick Biasini share their insights on the most significant cybersecurity threats from the...


New decryptor for Babuk Tortilla ransomware variant released

Cisco Talos obtained executable code capable of decrypting files affected by the Babuk Tortilla ransomware variant, allowing Talos to extract and share the private decryption key used by the threat...


Microsoft starts off new year with relatively light Patch Tuesday, no zero-days

Microsoft followed up one of the lightest recent Patch Tuesdays in December with another month of no zero-day vulnerabilities and only two critical issues. Many of the company’s monthly security...


Exploring malicious Windows drivers (Part 1): Introduction to the kernel and...

Drivers have long been of interest to threat actors, whether they are exploiting vulnerable drivers or creating...


Critical vulnerability in ManageEngine could lead to file creation, dozens of...

Cisco Talos’ Vulnerability Research team has disclosed dozens of vulnerabilities over the past month, including more than 30 advisories in GTKWave and a critical vulnerability in ManageEngine...
