Cisco Talos Blog

April 25, 2023 13:16

Video: Everything you need to know about ongoing state-sponsored attacks targeting network infrastructure across the globe

Video explanation of the Jaguar Tooth vulnerabilities with Matt Olney, J.J. Cummings and Hazel Burton.

April 20, 2023 14:00

Threat Source newsletter (April 20, 2023) — Preview of Cisco and Talos at RSA

Heading to San Francisco next week? Here are all the Talos and Cisco Secure talks and events you won't want to miss.

April 13, 2023 14:00

Threat Source newsletter (April 13, 2023) — Dark web forum whac-a-mole

Microsoft zero-days, dark web forum takedowns and Pentagon leaks on Discord in this week's newsletter.

April 13, 2023 10:39

Vulnerability Spotlight: Hard-coded password vulnerability could allow attacker to completely take over Lenovo Smart Clock

Talos also alerted Lenovo that the clock’s hardcoded root password is weak and easily guessed or cracked.

April 11, 2023 15:28

Microsoft Patch Tuesday for April 2023 — Snort rules and prominent vulnerabilities

April is the third month in a row in which at least one of the vulnerabilities Microsoft released in a Patch Tuesday had been exploited in the wild prior to disclosure.

April 10, 2023 07:00

Researcher Spotlight: Giannis Tziakouris first learned how to fix his family’s PC, and now he’s fixing networks all over the globe

As a senior incident responder, Giannis helps Cisco Talos Incident Response customers secure and respond to security incidents across the world.

April 6, 2023 14:00

Threat Source newsletter (April 6, 2023) — Another friendly reminder about supply chain attacks

Be prepared to discuss difficult topics with potential new third-party software vendors, such as incident notification requirements, access to logs during a security incident and who the important emergency contacts are.

April 5, 2023 11:23

Vulnerability Spotlight: Vulnerabilities in popular Japanese word processing software could lead to arbitrary code execution, other issues

Ichitaro uses the ATOK input method (IME) and the proprietary .jtd file extension. It’s the second most-popular word processing system in Japan, behind only Microsoft Word.

March 30, 2023 15:00

Vulnerability Spotlight: Vulnerability in ManageEngine OpManager could lead to XXE attack

XXE attacks allow an adversary to interact with other backend or external systems that OpManager accesses.