Blog
March 31, 2022 18:14

Threat Advisory: Spring4Shell

UPDATE, APRIL 4, 2022: The Kenna Risk Score for CVE-2022-22965 is currently at the maximum of 100. This is an exceptionally rare score, which only 415 out of 184,000 CVEs (or 0.22 percent) have achieved, reflecting the severity and potential effects of this vulnerability. To get a r

March 23, 2022 16:07

Vulnerability Spotlight: Heap overflow in Sound Exchange libsox library

Lilith >_> of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered an exploitable heap-based buffer overflow vulnerability in the sphere.c start_read() functionality of Sound Exchange libsox. The libsox library is a library of sound sample file fo

March 9, 2022 14:24

Threat advisory: Cybercriminals compromise users with malware disguised as pro-Ukraine cyber tools

This post is also available in: Українська (Ukrainian) Update March 17, 2022: Cisco Talos has updated the IOC section with additional hashes and ClamAV coverage. Executive summary * Opportunistic cybercriminals are attempting to exploit Ukrainian sympathizers by offering ma

March 3, 2022 15:59

Cisco stands on guard with our customers in Ukraine

This post is also available in: Українська (Ukrainian) * As the Russia-led invasion intensifies, Ukraine is being attacked by bombs and bytes. Cisco is working around the clock on a global, company-wide effort to protect our customers there and ensure that nothing goes dark.

March 3, 2022 15:24

Current executive guidance for ongoing cyberattacks in Ukraine

This post is also available in: 日本語 (Japanese) Українська (Ukrainian) Cyber threat activity against Ukraine, and around the world, has long been a central focus of our work. We continue to monitor the Ukraine-Russia situation by enacting a comprehensive, Talos-wide effort to p

February 24, 2022 17:00

Talos on the developing situation in Ukraine

This post is also available in: 日本語 (Japanese) Українська (Ukrainian) In the last month, Talos has seen a shift in activity in response to the unjust invasion of Ukraine. This post is meant to serve as our executive overview of the situation and provide you with the most up-to

February 24, 2022 15:01

Threat Advisory: Cyclops Blink

Update Mar. 17, 2022 Today, Asus released a product security advisory listing their products affected by Cyclops Blink. While the investigation is currently ongoing, this advisory provides guidance on taking necessary precautions via a checklist for the affected product versions

February 24, 2022 15:00

Threat Advisory: HermeticWiper

This post is also available in: 日本語 (Japanese) Українська (Ukrainian) Update: March 1, 2022 Cisco Talos is aware of reporting related to additional components discovered to be associated with ongoing HermeticWiper attacks. These additional components include: * HermeticWiz

January 21, 2022 15:14

Ukraine Campaign Delivers Defacement and Wipers, in Continued Escalation

By Nick Biasini, Michael Chen, Alex Karkins, Azim Khodjibaev, Chris Neal and Matt Olney, with contributions from Dmytro Korzhevin. This post is also available in: 日本語 (Japanese) Update Feb. 4, 2022 Since the initial publication of this blog, various organizations inside Ukra