Cisco Talos Intelligence Blog

May 25, 2023 08:05

Mercenary mayhem: A technical analysis of Intellexa's PREDATOR spyware

Commercial spyware use is on the rise, with actors leveraging these sophisticated tools to conduct surveillance operations against a growing number of targets. Cisco Talos has new details of a commercial spyware product sold by the spyware firm Intellexa (formerly known as Cytrox).

April 24, 2023 10:04

Vulnerability Spotlight: Vulnerabilities in IBM AIX could lead to command injection with elevated privileges

The issue could then allow the malicious actor to generate arbitrary logs which can trigger malicious commands to be run with elevated privileges.

March 30, 2023 18:03

Threat Advisory: 3CX Softphone Supply Chain Compromise

This is just the latest supply chain attack threatening users, after the SolarWinds incident in 2020 and the REvil ransomware group exploiting Kaseya VSA in 2021.

March 23, 2023 07:03

Senderbase.org redirects to end in April

As of April 20, 2023, we are decommissioning SenderBase.org and any attempts to visit that web page will fail.

March 15, 2023 19:03

Threat Advisory: Microsoft Outlook privilege escalation vulnerability being exploited in the wild

Cisco Talos is urging all users to update Microsoft Outlook after the discovery of a critical vulnerability, CVE-2023-23397, in the email client that attackers are actively exploiting in the wild.

February 6, 2023 08:02

Ransomware and Commodity Loader Topic Summary Report: Cisco Talos Year in Review 2022

The ransomware space is dynamic, continually adapting to changes in the geopolitical environment, actions by defenders, and efforts by law enforcement, which increased in scope and intensity in 2022. Cisco Talos observed several related trends across 2022. Read the full report here.

January 24, 2023 09:01

Threat Landscape Topic Summary Report: Cisco Talos Year in Review 2022

In this section, we provide an overview of the general threat landscape throughout 2022 and major trends based on telemetry sets gathered across Talos.

January 10, 2023 12:01

Increasing trust, commitment, and predictability during a remote incident response

In this blog post, Cisco Talos Incident Response (Talos IR) presents some of the key benefits of remote IR support and offers a list of recommendations for working on a remote incident.

January 10, 2023 09:01

APT Topic Summary Report: Cisco Talos Year in Review 2022

State-sponsored or state-aligned advanced persistent threats (APTs) adapted to the changing geopolitical landscape in 2022. Cisco Talos observed several offensive cyber campaigns linked to several groups stemming from Russia, Iran, China, North Korea, and countries in the Indian subcontinent...