Threat Roundup (Feb. 24 - March 3)
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Feb. 24 and March 3. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting k
Threat Source newsletter (March 2, 2023) — Little victories in the fight against ransomware
Serious sanctions and legal consequences may be slowing ransomware groups down, but it's still unclear if this is a permanent shift.
Threat Source newsletter (Feb. 23, 2023) — Social media sites are making extra security a paid feature
App-based multi-factor authentication — which is still free on Twitter — is safer than SMS MFA. So in theory, forcing people to pay for SMS MFA would make them less likely to use it and more likely to switch to the free option.
Threat Source newsletter (Feb. 16, 2023) — Recapping what we may have missed so far this year
Jon is back from parental leave and recapping the top security stories from late 2022 and early 2023 that totally blew by him.
Researcher Spotlight: How Azim Khodjibaev went from hunting real-world threats to threats on the dark web
Most of the time, Khodjibaev is combing through various dark web forums, ransomware group chats, Russian-speaking websites and other sources trying to learn of attackers’ next moves.
Threat Source newsletter (Oct. 27, 2022): I thought we were already aware of supply chain attacks?
Supply chain attacks were all the rage in 2020 after SolarWinds, but we seem to have forgotten how important they are.
Vulnerability Spotlight: Vulnerabilities in InHand router could give attackers access to console, delete files
This is just the latest set of vulnerabilities Talos has discovered in the InRouter302.
Threat Source newsletter (Oct. 20, 2022) — Shields Up! No seriously, Shields Waaaaay Up
State-sponsored actors have been busy over the past month, including the Killnet group, which recently targeted several U.S. local elections offices and major airports.
Vulnerability Spotlight: Vulnerabilities in Abode Systems home security kit could allow attacker to take over cameras, remotely disable them
Cisco Talos recently discovered several vulnerabilities in the Abode Systems iota All-In-One Security Kit.