Source
TALOS
Though April’s monthly security update from Microsoft includes 150 vulnerabilities, only three of them are considered “critical."
Cisco Talos is disclosing a new threat actor we deemed “Starry Addax” targeting mostly human rights activists, associated with the Sahrawi Arab Democratic Republic (SADR) cause with a novel mobile malware.
An April 2023 study from Kent State University found that remote workers are more likely to be vigilant of security threats and take actions to ward them off than their in-office counterparts.
Cisco Talos discovered a new threat actor we’re calling “CoralRaider” that we believe is of Vietnamese origin and financially motivated. CoralRaider has been operating since at least 2023, targeting victims in several Asian and Southeast Asian countries.
While there are many legitimate uses for this software, adversaries are also finding ways to use them for command and control in their campaigns.
Welcome to this week’s threat source newsletter with Jon out, you’ve got me as your substitute teacher. I’m taking you back to those halcyon days of youth and that moment when you found out that you had a sub that day...
In the case of pig butchering scams, it’s not really anything that can be solved by a cybersecurity solution or sold in a package.
We now have new information on the entire kill chain this actor uses, including the tactics, techniques and procedures (TTPs) utilized to steal valuable information from their victims and propagate through their infected enterprises.
There is also a newly disclosed vulnerability in a graphics driver for some NVIDIA GPUs that could lead to a memory leak.
Research conducted by Cisco Talos last year uncovered multiple vulnerabilities rated as low severity despite their ability to allow for full arbitrary code execution.