Cisco Talos Blog

November 30, 2023 14:00

$19 Stanely cups, fake Amazon Prime memberships all part of holiday shopping scams circulating

Fake Facebook ads seem to be the flavor of the month for scammers.

November 22, 2023 12:00

Vulnerabilities in Adobe Acrobat, Microsoft Excel could lead to arbitrary code execution

Adobe recently patched two use-after-free vulnerabilities in its Acrobat PDF reader that Talos discovered, both of which could lead to arbitrary code execution.

November 16, 2023 14:00

We all just need to agree that ad blockers are good

YouTube’s new rules may not be around for long anyway, because they might run afoul of European Union regulations

November 14, 2023 14:46

Microsoft discloses only three critical vulnerabilities in November’s Patch Tuesday update, three other zero-days

In all, this set of vulnerabilities Microsoft patched includes 57 vulnerabilities, 54 of which are considered “important.”

November 9, 2023 14:00

A new video series, Google Forms spam and the various gray areas of cyber attacks

It can be easy to get caught up in the “big” questions in cybersecurity, like how to stop ransomware globally or keep hospitals up and running when they’re targeted by data theft extortion.

November 2, 2023 14:00

You’d be surprised to know what devices are still using Windows CE

The Arid Viper threat actor is actively trying to install spyware on targeted devices in the Middle East, using fake dating apps as lures.

October 26, 2023 14:00

How helpful are estimates about how much cyber attacks cost?

New YoroTrooper research, the latest on the Cisco IOS vulnerability, and more.

October 19, 2023 14:00

More helpful resources for users of all skill levels to help you Take a Security Action

Taking a “Security Action” of any kind — whether it be simply enabling multi-factor authentication for your online banking login or marking that weird email as spam — can go a long way toward you and any organizations you’re a part of be more security resilient.

October 12, 2023 14:00

Top resources for Cybersecurity Awareness Month

Plus, many of the world’s largest cloud providers are warning of a vulnerability that attackers exploited in August to launch the largest distributed denial-of-service attack on record.