TALOS

Talos discovered a new, stealthy espionage campaign that has likely persisted since at least March 2021. The observed activity affects an Islamic non-profit organization using backdoors for a previously unreported malware family we have named “Zardoor.”

You’ve probably heard the phrase, “Attackers don’t hack anyone these days. They log on.” In this blog, we describe the various tools and techniques bad actors are using to steal credentials so they can 'log on' with valid account details, and outline our recommendations for defense.

Researchers recently discovered 49 zero-day vulnerabilities, including a two-vulnerability exploit chain in Tesla cars that could allow an attacker to take over the onboard infotainment system.

Open Automation Software recently released patches for multiple vulnerabilities in their OAS Engine.  Cisco Talos publicly disclosed these issues after working with Open Automation Software to ensure that patches were available for users. Now that a fix has been released with Version 19, we want to take the time

Cyber insurance premiums are expected to rise this year after leveling out in 2023.

Talos IR observed operations involving Play, Cactus, BlackSuit and NoEscape ransomware for the first time this quarter.

There are many examples of WiFi-enabled home cameras, assistants and doorbells vulnerable to a wide range of security issues.

Exploring malicious Windows drivers (Part 1): Introduction to the kernel and drivers  Drivers have long been of interest to threat actors, whether they are exploiting vulnerable drivers or creating malicious ones. Malicious drivers are difficult to detect and successfully leveraging one can give an attacker full access to a

There are also multiple vulnerabilities in AVideo, an open-source video broadcasting suite, that could lead to arbitrary code execution.

One of the critical vulnerabilities patched Tuesday is CVE-2024-20674, a security bypass vulnerability in the Windows Kerberos authentication protocol.