TalosSecurity

TalosSecurity, 8 days ago to brazil

Everything you need to know about #CarnavalHeist, a new banking #trojan we've discovered targeting users in #Brazil http://cs.co/6017emEjU

video/mp4

TalosSecurity, 9 days ago to random

A new threat actor known as #LilacSquid is using several different pieces of #malware to silently infiltrate networks and steal sensitive data. Read more about this group and the TTPs they share with some North Korean state-sponsored actors https://blog.talosintelligence.com/lilacsquid/

TalosSecurity, 10 days ago to CrystalsHashtags

Talos recently disclosed two vulnerabilities in #Adobe #Acrobat, along with multiple remote code execution issues in a popular line of PLC CPU modules. Get caught up on the vulns our team recently helped to disclose, and patch, in our latest Vulnerability Roundup. https://blog.talosintelligence.com/vulnerability-roundup-may-29-2024/

video/mp4

TalosSecurity, 17 days ago to random

Attackers are increasingly relying on brand impersonation in their #phishing emails to make them appear more legitimate. Learn how Cisco Secure Email can help protect users and sniff out logos and links https://blog.talosintelligence.com/from-trust-to-trickery-brand-impersonation/

TalosSecurity, 23 days ago to github

Cisco Talos has developed a fuzzer that enables us to test macOS software on commodity hardware. We released this tool on #GitHub this morning, and you can learn more about it here http://cs.co/6019dusi3

video/mp4

TalosSecurity, 1 month ago to random

From use-after-free vulnerabilities in a popular PDF Reader that could lead to arbitrary code execution, to an issue in a timecard reader that could allow an adversary to steal the admin's login credentials, get caught up on all the software and hardware vulnerabilities our team recently discovered https://blog.talosintelligence.com/vulnerability-roundup-may-1-2024/

video/mp4

TalosSecurity, 1 month ago to random

We have new research on the #CoralRaider APT out this morning. They've added three new information-stealing #Malware families to their arsenal, allowing them to expand the geographies they target https://blog.talosintelligence.com/suspected-coralraider-continues-to-expand-victimology-using-three-information-stealers/

TalosSecurity, 1 month ago to Ukraine

A new #malware we recently discovered is tricking users in #Ukraine into uploading sensitive documents to #VirtusTotal, a popular platform for threat researchers and admins https://blog.talosintelligence.com/offlrouter-virus-causes-upload-confidential-documents-to-virustotal/

video/mp4

TalosSecurity, 1 month ago to random

Threat Advisory: We've recently spotted an increase in brute-force attacks targeting several popular services, including #VPN and #SSH https://blog.talosintelligence.com/large-scale-brute-force-activity-targeting-vpns-ssh-services-with-commonly-used-login-credentials/

video/mp4

TalosSecurity, 1 month ago to random

This morning, we published new research into #StarryAddax, a newly discovered threat actor who is targeting human rights activists in North Africa. Learn more about their #phishing campaigns and fake apps here https://blog.talosintelligence.com/starry-addax/

TalosSecurity, 2 months ago to random

New research out this morning on a new APT from Vietnam we're calling #CoralRaider. It's out to steal important login credentials, banking information and take over targets' social media accounts https://blog.talosintelligence.com/coralraider-targets-socialmedia-accounts/

TalosSecurity, 2 months ago to random

Talos' Vulnerability Research team recently discovered a seemingly low-severity vulnerability in #Ichitaro Office. But in this Vulnerability Deep Dive, we show how, despite its low severity score, an attacker could exploit it to remotely execute code https://blog.talosintelligence.com/exploiting-low-severity-vulnerability-using-a-frame-pointer-overwrite/

video/mp4

TalosSecurity, 3 months ago to random

Meet Talos' latest open-source project, Badgerboard: A new proof-of-concept tool designed to expose previously inaccessible backplane traffic and allow OT network operators to better understand the current state of their network. http://cs.co/6016XoU1k

TalosSecurity, 3 months ago to random

The #GhostSec group recently added new #ransomware tools to its arsenal, and we're seeing them target organizations all over the globe (though mainly in the education and tech sectors) https://blog.talosintelligence.com/ghostsec-ghostlocker2-ransomware/

TalosSecurity, 3 months ago to Mexico

The new #TimbreStealer campaign is targeting users in #Mexico with tax-related lures and phishing emails https://blog.talosintelligence.com/timbrestealer-campaign-targets-mexican-users/

TalosSecurity, 3 months ago to random

We released more details this morning on the #Turla activity we're actively tracking, including new information about its command and control and various payloads https://blog.talosintelligence.com/tinyturla-ng-tooling-and-c2/

video/mp4

TalosSecurity, 3 months ago to random

CVSS 4.0 will add new context around how attackers try to exploit vulnerabilities, but it doesn't solve all the issues with a single scoring system for vulnerability severity. More on the Talos blog: https://blog.talosintelligence.com/how-cvss-4-0-changes-vulnerability-severity/

TalosSecurity, 3 months ago to random

The next generation of #Turla is here, in the form of a new "last chance" backdoor https://blog.talosintelligence.com/tinyturla-next-generation/

video/mp4

TalosSecurity, 4 months ago to random

We're releasing new details about a recently discovered backdoor called "Zardoor" that appears to be operated by a previously undiscovered actor https://blog.talosintelligence.com/new-zardoor-backdoor/

TalosSecurity, 4 months ago to random

Why is the use of stolen credentials more pervasive now than ever? https://blog.talosintelligence.com/how-are-user-credentials-stolen-and-used-by-threat-actors/

video/mp4

TalosSecurity, 4 months ago to random

We have a new Vulnerability Deep Dive showing how an attacker could chain together several low-severity vulnerabilities in Open Automation System's engine to gain elevated privileges on a targeted device https://blog.talosintelligence.com/oas-engine-deep-dive/

video/mp4

TalosSecurity, 4 months ago to random

#Ransomware and pre-ransomware activities were the most commonly seen threat Talos IR saw in engagements last quarter. Find out more about what we saw in the field to close out 2023 here https://blog.talosintelligence.com/talos-ir-quarterly-report-q4-2023/

TalosSecurity, 4 months ago to windows

We're launching a new series of "how to" blog posts on analyzing malicious #Windows drivers, and our first entry covers the basics of how drivers work, how they fit into I/O environments, and why attackers are leveraging them https://blog.talosintelligence.com/exploring-malicious-windows-drivers-part-1-introduction-to-the-kernel-and-driv

TalosSecurity, 4 months ago to random

Get caught up on all the security issues our vulnerability research team has helped disclose since the start of the new year, including multiple remote code execution vulnerabilities https://blog.talosintelligence.com/vulnerability-roundup-jan-17-2024/

video/mp4

TalosSecurity, 4 months ago to random

Thanks to our partners at Avast and the Dutch Prosecution Office, we were able to help release a new version of the #ransomware decryptor for #Babuk. Additionally, Dutch police used our research to track down and charge one of the operators behind this ransomware. https://blog.talosintelligence.com/decryptor-babuk-tortilla/