#Threat Source newsletter

The features all Incident Response Plans need to have

By Paul Lee, Yuri Kramarz and Martin Lee. Adversaries are always growing their capabilities and changing their tactics, leading to a greater number of incidents and data breaches. This is supported by organizations such as ITRC, which reports that the number of data breaches in 2021 is already greater... [[ This is only the beginning! Please visit the blog for the complete entry ]]

TALOS

Threat Source newsletter (Nov. 4, 2021)

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. A series of vulnerabilities in Microsoft Exchange Server made waves earlier this year for coming under attack. And while they've come and gone from the headlines since then, attackers are still very much paying...

Threat Source newsletter (Oct. 28, 2021)

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. Most people know about chicken and waffles. But what about squirrel and waffles? They may not be the most appetizing brunch, but they are teaming up for one heck of a spam campaign. We have new research out...

Quarterly Report: Incident Response trends from Q3 2021

Ransomware again dominated the threat landscape, while BEC grew
By David Liebenberg and Caitlin Huey. Once again, ransomware was the most dominant threat observed in Cisco Talos Incident Response (CTIR) engagements this quarter. CTIR helped resolve several significant...

Malicious campaign uses a barrage of commodity RATs to target Afghanistan and India

Cisco Talos recently discovered a threat actor using political and government-themed malicious domains to target entities in India and Afghanistan. These attacks use dcRAT and QuasarRAT for Windows delivered via malicious documents exploiting CVE-2017-11882 — a memory corruption vulnerability in...

Threat Source newsletter (Oct. 21, 2021)

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. We're writing this on Wednesday for PTO reasons, so apologies if we miss any major news that happens after Wednesday afternoon. Above, you can watch our awesome live stream from Monday with Brad Garnett from...

Threat Source newsletter (Oct. 14, 2021)

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. It's still Cybersecurity Awareness Month, and what better way to celebrate than by patching and then patching some more? This week was Microsoft Patch Tuesday, which only included two critical vulnerabilities, but still...

Threat Source newsletter (Oct. 7, 2021)

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. Every day, we see mountains and mountains of data. So how do we comb through all of it to find out what's important to customers and users? Well, there are many ways, but we wanted to give readers and researchers a look...

Threat Source newsletter (Sept. 30, 2021)

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. In the latest example of attackers trying to capitalize on current headlines, we've spotted a group using the recent fervor around the Pegasus spyware to spread malware. We've detailed a campaign in which the...

Threat Source newsletter (Sept. 23, 2021)

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. The Russian APT Turla is one of the most notorious threat actors out there today. And they aren't stopping, recently adding a new backdoor to their arsenal that serves as a "last chance" to retain a foothold on victim...