Cisco Talos Blog

March 3, 2023 15:00

Threat Roundup (Feb. 24 - March 3)

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Feb. 24 and March 3. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting k

March 2, 2023 14:00

Threat Source newsletter (March 2, 2023) — Little victories in the fight against ransomware

Serious sanctions and legal consequences may be slowing ransomware groups down, but it's still unclear if this is a permanent shift.

February 23, 2023 14:00

Threat Source newsletter (Feb. 23, 2023) — Social media sites are making extra security a paid feature

App-based multi-factor authentication — which is still free on Twitter — is safer than SMS MFA. So in theory, forcing people to pay for SMS MFA would make them less likely to use it and more likely to switch to the free option.

February 16, 2023 14:00

Threat Source newsletter (Feb. 16, 2023) — Recapping what we may have missed so far this year

Jon is back from parental leave and recapping the top security stories from late 2022 and early 2023 that totally blew by him.

January 10, 2023 11:20

Vulnerability Spotlight: Asus router access, information disclosure, denial of service vulnerabilities discovered

Cisco Talos recently discovered three vulnerabilities in Asus router software. The Asus RT-AX82U router is one of the newer Wi-Fi 6 (802.11ax)-enabled routers that also supports mesh networking with other Asus routers. Like other routers, it is configurable via an HTTP server ru

December 22, 2022 10:39

Vulnerability Spotlight: OpenImageIO file processing issues could lead to arbitrary code execution, sensitive information leak and denial of service

Cisco Talos recently discovered nineteen vulnerabilities in OpenImageIO, an image processing library, which could lead to sensitive information disclosure, denial of service and heap buffer overflows which could further lead to code execution. OpenImageIO is an image processing

October 31, 2022 14:59

Researcher Spotlight: How Azim Khodjibaev went from hunting real-world threats to threats on the dark web

Most of the time, Khodjibaev is combing through various dark web forums, ransomware group chats, Russian-speaking websites and other sources trying to learn of attackers’ next moves.

October 27, 2022 14:00

Threat Source newsletter (Oct. 27, 2022): I thought we were already aware of supply chain attacks?

Supply chain attacks were all the rage in 2020 after SolarWinds, but we seem to have forgotten how important they are.

October 27, 2022 11:04

Vulnerability Spotlight: Vulnerabilities in InHand router could give attackers access to console, delete files

This is just the latest set of vulnerabilities Talos has discovered in the InRouter302.