Cisco Talos Intelligence Blog

March 2, 2023 14:03

Threat Source newsletter (March 2, 2023) — Little victories in the fight against ransomware

Serious sanctions and legal consequences may be slowing ransomware groups down, but it's still unclear if this is a permanent shift.

February 23, 2023 14:02

Threat Source newsletter (Feb. 23, 2023) — Social media sites are making extra security a paid feature

App-based multi-factor authentication — which is still free on Twitter — is safer than SMS MFA. So in theory, forcing people to pay for it would make them less likely to use it and switch to the free option.

February 23, 2023 09:02

Vulnerability Spotlight: EIP Stack Group OpENer open to two remote code execution vulnerabilities

Two of the vulnerabilities are considered to be considered of critical importance, with a CVSS score of a maximum 10 out of 10.

February 16, 2023 14:02

Threat Source newsletter (Feb. 16, 2023) — Recapping what we may have missed so far this year

Jon is back from parental leave and recapping the top security stories from late 2022 and early 2023 that totally blew by him.

November 29, 2022 08:11

Researcher Spotlight: How working for Talos started out as an ‘accident’ for Ashlee Benge before coming a second career

Talos’ lead of data strategy and insights has a lot of weight on her shoulders currently, but it’s nothing she’s not used to

October 31, 2022 14:10

Researcher Spotlight: How Azim Khodjibaev went from hunting real-world threats to threats on the dark web

Most of the time, Khodjibaev is combing through various dark web forums, ransomware group chats, Russian-speaking websites and other sources trying to learn of attackers’ next moves.

October 27, 2022 14:10

Threat Source newsletter (Oct. 27, 2022): I thought we were already aware of supply chain attacks?

Supply chain attacks were all the rage in 2020 after SolarWinds, but we seem to have forgotten how important they are.

October 27, 2022 11:10

Vulnerability Spotlight: Vulnerabilities in InHand router could give attackers access to console, delete files

This is just the latest set of vulnerabilities Talos has discovered in the InRouter302.

October 20, 2022 14:10

Threat Source newsletter (Oct. 20, 2022) — Shields Up! No seriously, Shields Waaaaay Up

State-sponsored actors have been busy over the past month, including the Killnet group, which recently targeted several U.S. local elections offices and major airports.