Security
Headlines
HeadlinesLatestCVEs

Tag

#SecureX

Threat Advisory: Apache HTTP Server zero-day vulnerability opens door for attackers

A recently discovered vulnerability in Apache HTTP Server (CVE-2021-41733) is being actively exploited in the wild. This vulnerability is a path traversal and file disclosure vulnerability that could allow an attacker to map URLs outside of the document root. It could also result in exposure of... [[ This is only the beginning! Please visit the blog for the complete entry ]]

TALOS
Open in Source
#Apache#SecureX#Threat Advisory#Vulnerability
Threat Roundup for September 24 to October 1

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Sept. 24 and Oct. 1. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,... [[ This is only the beginning! Please visit the blog for the complete entry ]]

A wolf in sheep's clothing: Actors spread malware by leveraging trust in Amnesty International and fear of Pegasus

By Vitor Ventura and Arnaud Zobec. Threat actors are impersonating the group Amnesty International and promising to protect against the Pegasus spyware as part of a scheme to deliver malware. Amnesty International recently made international headlines when it released a groundbreaking report on... [[ This is only the beginning! Please visit the blog for the complete entry ]]

Threat Roundup for September 17 to September 24

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Sept. 17 and Sept. 24. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral... [[ This is only the beginning! Please visit the blog for the complete entry ]]

Operation “Armor Piercer:” Targeted attacks in the Indian subcontinent using commercial RATs

By Asheer Malhotra, Vanja Svajcer and Justin Thattil. Cisco Talos is tracking a campaign targeting government personnel in India using themes and tactics similar to APT36 (aka Mythic Leopard and Transparent Tribe).This campaign distributes malicious documents and archives to deliver the Netwire... [[ This is only the beginning! Please visit the blog for the complete entry ]]

Vulnerability Spotlight: Information disclosure vulnerability in D-LINK DIR-3040 mesh router

Dave McDaniel of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered an exploitable information disclosure vulnerability in the D-LINK DIR-3040 smart WiFi mesh router that could allow an adversary to eventually turn off the device or remove other... [[ This is only the beginning! Please visit the blog for the complete entry ]]