Mercenary mayhem: A technical analysis of Intellexa's PREDATOR spyware
Commercial spyware use is on the rise, with actors leveraging these sophisticated tools to conduct surveillance operations against a growing number of targets. Cisco Talos has new details of a commercial spyware product sold by the spyware firm Intellexa (formerly known as Cytrox).
Vulnerability Spotlight: Vulnerabilities in IBM AIX could lead to command injection with elevated privileges
The issue could then allow the malicious actor to generate arbitrary logs which can trigger malicious commands to be run with elevated privileges.
Threat Advisory: 3CX Softphone Supply Chain Compromise
This is just the latest supply chain attack threatening users, after the SolarWinds incident in 2020 and the REvil ransomware group exploiting Kaseya VSA in 2021.
SenderBase.org redirects to end in April
As of April 20, 2023, we are decommissioning SenderBase.org and any attempts to visit that web page will fail.
Threat Advisory: Microsoft Outlook privilege escalation vulnerability being exploited in the wild
Cisco Talos is urging all users to update Microsoft Outlook after the discovery of a critical vulnerability, CVE-2023-23397, in the email client that attackers are actively exploiting in the wild.
Ransomware and Commodity Loader Topic Summary Report: Cisco Talos Year in Review 2022
The ransomware space is dynamic, continually adapting to changes in the geopolitical environment, actions by defenders, and efforts by law enforcement, which increased in scope and intensity in 2022. Cisco Talos observed several related trends across 2022.
Threat Landscape Topic Summary Report: Cisco Talos Year in Review 2022
In this section, we provide an overview of the general threat landscape throughout 2022 and major trends based on telemetry sets gathered across Talos.
Increasing trust, commitment, and predictability during a remote incident response
In this blog post, Cisco Talos Incident Response (Talos IR) presents some of the key benefits of remote IR support and offers a list of recommendations for working on a remote incident.
APT Topic Summary Report: Cisco Talos Year in Review 2022
State-sponsored or state-aligned advanced persistent threats (APTs) adapted to the changing geopolitical landscape in 2022. Cisco Talos observed several offensive cyber campaigns linked to several groups stemming from Russia, Iran, China, North Korea, and countries in the Indian subcontinent...