Threat Source newsletter (Aug. 11, 2022) — All of the things-as-a-service
Welcome to this week’s edition of the Threat Source newsletter. Everyone seems to want to create the next “Netflix” of something. Xbox’s Game Pass is the “Netflix of video games.” Rent the Runway is a “Netflix of fashion” where customers subscribe to a rotation of fancy clothes.
Microsoft Patch Tuesday for August 2022 — Snort rules and prominent vulnerabilities
Microsoft released its monthly security update Tuesday, disclosing more than 120 vulnerabilities across its line of products and software, the most in a single Patch Tuesday in four months. This batch of updates also includes a fix for a new vulnerability in the Microsoft Window
New SDR feature released for Cisco Secure Email
Cisco Talos today announced the release of a new mechanism that allows Cisco Secure Email customers the option to submit Sender Domain Reputation (SDR) disputes through TalosIntelligence.com. Customers now have the option of receiving self-service support through TalosIntelligen
Threat Source newsletter (Aug. 4, 2022) — BlackHat 2022 preview
Welcome to this week’s edition of the Threat Source newsletter. After what seems like forever and honestly has been a really long time, we’re heading back to BlackHat in-person this year. We’re excited to see a lot of old friends again to commiserate, hang out, trade stories and
Vulnerability Spotlight: Vulnerabilities in Alyac antivirus program could stop virus scanning, cause code execution
Jaewon Min of Cisco Talos discovered these vulnerabilities. Update (Aug. 3, 2022): Talos disclosed two new vulnerabilities in the Alyac antivirus software and added their details to this post. Cisco Talos recently discovered out-of-bounds read and buffer overflow vulnerabilitie
Researcher Spotlight: You should have been listening to Lurene Grenier years ago
The exploit researcher recently rejoined Talos after starting her career with the company’s predecessor Lurene Grenier says state-sponsored threat actors keep her up at night, even after years of studying and following them. She’s spent her security career warning people why th
Threat Roundup for July 22 - 29
Talos is publishing a glimpse into the most prevalent threats we've observed from July 22 - 29. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral cha
Threat Source newsletter (July 28, 2022) — What constitutes an "entry-level" job in cybersecurity?
Welcome to this week’s edition of the Threat Source newsletter. Between the White House’s recent meeting, countless conference talks and report after report warning of cybersecurity burnout, there’s been a ton of talk recently around the cybersecurity skills gap and hiring. Eve
What Talos Incident Response learned from a recent Qakbot attack hijacking old email threads
By Nate Pors and Terryn Valikodath. Executive summary * In a recent malspam campaign delivering the Qakbot banking trojan, Cisco Talos Incident Response (CTIR) observed the adversary using aggregated, old email threads from multiple organizations that we assess were likely ha