Threat Source newsletter (March 2, 2023) — Little victories in the fight against ransomware
Serious sanctions and legal consequences may be slowing ransomware groups down, but it's still unclear if this is a permanent shift.
Threat Source newsletter (Feb. 23, 2023) — Social media sites are making extra security a paid feature
App-based multi-factor authentication — which is still free on Twitter — is safer than SMS MFA. So in theory, forcing people to pay for it would make them less likely to use it and switch to the free option.
Vulnerability Spotlight: EIP Stack Group OpENer open to two remote code execution vulnerabilities
Two of the vulnerabilities are considered to be considered of critical importance, with a CVSS score of a maximum 10 out of 10.
Threat Source newsletter (Feb. 16, 2023) — Recapping what we may have missed so far this year
Jon is back from parental leave and recapping the top security stories from late 2022 and early 2023 that totally blew by him.
Researcher Spotlight: How working for Talos started out as an ‘accident’ for Ashlee Benge before coming a second career
Talos’ lead of data strategy and insights has a lot of weight on her shoulders currently, but it’s nothing she’s not used to
Researcher Spotlight: How Azim Khodjibaev went from hunting real-world threats to threats on the dark web
Most of the time, Khodjibaev is combing through various dark web forums, ransomware group chats, Russian-speaking websites and other sources trying to learn of attackers’ next moves.
Threat Source newsletter (Oct. 27, 2022): I thought we were already aware of supply chain attacks?
Supply chain attacks were all the rage in 2020 after SolarWinds, but we seem to have forgotten how important they are.
Vulnerability Spotlight: Vulnerabilities in InHand router could give attackers access to console, delete files
This is just the latest set of vulnerabilities Talos has discovered in the InRouter302.
Threat Source newsletter (Oct. 20, 2022) — Shields Up! No seriously, Shields Waaaaay Up
State-sponsored actors have been busy over the past month, including the Killnet group, which recently targeted several U.S. local elections offices and major airports.