2021: Looking back on the year in malware and cyber attacks, from SolarWinds to Log4j
It seems like we were just recovering from the aftermath of the massive SolarWinds campaign a month or two ago. And now suddenly, it’s been a year since one of the largest cyber attacks in history and moving onto another threat that could last for years. That just seemed to be h
Vulnerability Spotlight: Vulnerabilities in metal detector peripheral could allow attackers to manipulate security devices
Matt Wiseman of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered multiple vulnerabilities in a device from Garrett Metal Detectors that could allow remote attackers to bypass authentication requirements, manipulate metal detector configurations, and
Vulnerability Spotlight: Vulnerabilities in DaVinci Resolve video editing software could lead to code execution
Cisco Talos recently discovered two vulnerabilities in the DaVinci Resolve video editing software that could allow an adversary to execute code in the context of the application. DaVinci Resolve is a non-linear video editing application from Blackmagic Software that is available
Talos Takes Ep. #80: I'll have a blue Christmas without a CTIR retainer
The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. It's the holiday season, which means last-minute shopping, family time and cheer. Oh, and it's never a bad time
Threat Source Newsletter (Dec. 16, 2021)
Good afternoon, Talos readers. I'm just going to cut to the chase since I know all anyone wants to read about is Log4J. For the latest Talos research, continually check back on our blog post here. Above is the live stream we recorded Monday morning updating everyone on the s
Threat Source Newsletter (Dec. 9, 2021)
Good afternoon, Talos readers. The good news keeps rolling in for our Incident Response team, who received another accolade by being featured in Forrester's recent quarterly report on the incident readiness industry. This comes on the heels of the team also being named a lea
Talos Takes Ep. #79: Emotet's back with the worst type of holiday present
The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. Emotet is back, and it brought the worst possible holiday present (just in time for peak spam season, too!). We recently
Threat Source Newsletter (Dec. 2, 2021)
Good afternoon, Talos readers. The Thanksgiving holiday in the U.S. didn't slow us down at all, even though we were all still trying to sleep off the food coma from the long weekend. But we came back this week with lots of fun content. Cisco received an early Christmas pres
Vulnerability Spotlight: Use-after-free condition in Google Chrome could lead to code execution
Marcin Towalski of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered an exploitable use-after-free vulnerability in Google Chrome. Google Chrome is a cross-platform web browser — and Chromium is the open-source version of the browser that other software