How threat actors are using AI and other modern tools to enhance their phishing attempts
Tools like ChatGPT aren't making social engineering attacks any more effective, but it does make it faster for actors to write up phishing emails.
Emotet resumes spam operations, switches to OneNote
Since returning, Emotet has leveraged several distinct infection chains, indicating that they are modifying their approach based on their perceived success in infecting new systems.
HTML smugglers turn to SVG images
* HTML smuggling is a technique attackers use to hide an encoded malicious script within an HTML email attachment or webpage. * Once a victim receives the email and opens the attachment, their browser decodes and runs the script, which then assembles a malicious payload directl
Developer account body snatchers pose risks to the software supply chain
Cisco Talos examined several frequently used code repositories. We looked specifically at the security afforded to developer accounts, and how difficult it would be for an attacker to take over a developer account.
Attackers target Ukraine using GoMet backdoor
Executive summary Since the Russian invasion of Ukraine began, Ukrainians have been under a nearly constant barrage of cyber attacks. Working jointly with Ukrainian organizations, Cisco Talos has discovered a fairly uncommon piece of malware targeting Ukraine — this time aimed a
Microsoft Patch Tuesday for May 2022 — Snort rules and prominent vulnerabilities
Microsoft returned to its normal monthly patching volume in May, disclosing and fixing 74 vulnerabilities as part of the company’s latest security update. This month’s Patch Tuesday includes seven critical vulnerabilities after Microsoft disclosed more than 140 security issues in
TeamTNT Targeting AWS, Alibaba
By Darin Smith. * TeamTNT is actively modifying its scripts after they were made public by security researchers. * These scripts primarily target Amazon Web Services, but can also run in on-premise, container, or other forms of Linux instances. * The group's payloads include
On the Radar: Securing Web 3.0, the Metaverse and beyond
Internet technology evolves rapidly, and the World Wide Web (WWW or Web) is currently experiencing a transition into what many are calling "Web 3.0". Web 3.0 is a nebulous term. If you spend enough time Googling it, you'll find many interpretations regarding what Web 3.0 actually
Attackers exploiting zero-day vulnerability in Windows Installer — Here’s what you need to know and Talos’ coverage
Cisco Talos is releasing new SNORTⓇ rules to protect against the exploitation of a zero-day elevation of privilege vulnerability in Microsoft Windows Installer. This vulnerability allows an attacker with a limited user account to elevate their privileges to become an administrato