Security
Headlines
HeadlinesLatestCVEs

Tag

#cisco

UAT-5647 targets Ukrainian and Polish entities with RomCom malware variants

By Dmytro Korzhevin, Asheer Malhotra, Vanja Svajcer and Vitor Ventura.  Cisco Talos has observed a new wave of attacks active since at least late 2023, from a Russian speaking group we track as “UAT-5647”, against Ukrainian government entities and unknown Polish entities.  UAT-5647 is also known

TALOS
#web#mac#windows#google#microsoft#cisco#git#c++#backdoor#pdf#auth#chrome
Hackers Abuse EDRSilencer Tool to Bypass Security and Hide Malicious Activity

Threat actors are attempting to abuse the open-source EDRSilencer tool as part of efforts to tamper endpoint detection and response (EDR) solutions and hide malicious activity. Trend Micro said it detected "threat actors attempting to integrate EDRSilencer in their attacks, repurposing it as a means of evading detection." EDRSilencer, inspired by the NightHawk FireBlock tool from MDSec, is

Protecting major events: An incident response blueprint

Go behind the scenes with Talos incident responders and learn from what we've seen in the field.

Sidewinder Casts Wide Geographic Net in Latest Attack Spree

The long-active, India-sponsored cyber-threat group targeted multiple entities across Asia, Africa, the Middle East, and even Europe in a recent attack wave that demonstrated the use of a previously unknown post-exploit tool called StealerBot.

Cyberattackers Unleash Flood of Potentially Disruptive Election-Related Activity

Organizations should be on high alert until next month's US presidential election to ensure the integrity of the voting process, researchers warn.

Intel Broker Claims Cisco Breach, Selling Stolen Data from Major Firms

Intel Broker claims a major data breach at Cisco, allegedly stealing source codes, confidential documents, and credentials from…

The Lingering 'Beige Desktop' Paradox

Organizations are grappling with the risks of having outdated hardware handling core workloads, mission-critical applications no one knows how to update or maintain, and systems that IT and security teams don't know about.

ConfusedPilot Attack Can Manipulate RAG-Based AI Systems

Attackers can introduce a malicious document in systems such as Microsoft 365 Copilot to confuse the system, potentially leading to widespread misinformation and compromised decision-making processes.