Cisco Talos Blog

Featured

New details on TinyTurla’s post-compromise activity reveal full kill chain

We now have new information on the entire kill chain this actor uses, including the tactics, techniques and procedures (TTPs) utilized to steal valuable information from their victims and propagate through their infected enterprises.

March 20, 2024 12:00

Netgear wireless router open to code execution after buffer overflow vulnerability

There is also a newly disclosed vulnerability in a graphics driver for some NVIDIA GPUs that could lead to a memory leak.

March 15, 2024 10:00

The LockBit story: Why the ransomware affiliate model can turn takedowns into disruptions

Talos explores the recent law enforcement takedown of LockBit, a prolific ransomware group that claimed to resume their operations 7 days later.

March 13, 2024 08:00

Threat actors leverage document publishing sites for ongoing credential and session token theft

Talos IR has responded to several recent incidents in which threat actors used legitimate digital document publishing sites such as Publuu and Marq to host phishing documents as part of ongoing credential and session harvesting attacks.

Recent
March 21, 2024 14:00

“Pig butchering” is an evolution of a social engineering tactic we’ve seen for years

In the case of pig butchering scams, it’s not really anything that can be solved by a cybersecurity solution or sold in a package.

March 20, 2024 08:00

Dissecting a complex vulnerability and achieving arbitrary code execution in Ichitaro Word

Research conducted by Cisco Talos last year uncovered multiple vulnerabilities rated as low severity despite their ability to allow for full arbitrary code execution.

March 14, 2024 14:00

Not everything has to be a massive, global cyber attack

There are a few reasons why we’re so ready to jump to the “it’s a cyber attack!”

March 12, 2024 14:07

Another Patch Tuesday with no zero-days, only two critical vulnerabilities disclosed by Microsoft

March’s Patch Tuesday is relatively light, containing 60 vulnerabilities — only two labeled “critical.”

March 7, 2024 14:00

You’re going to start seeing more tax-related spam, but remember, that doesn’t actually mean there’s more spam

It’s important to be vigilant about tax-related scams any time these deadlines roll around, regardless of what country you’re in, but it’s not like you need to be particularly more skeptical in March and April.