Cisco Talos Blog

April 25, 2024 14:00

The private sector probably isn’t coming to save the NVD

Plus, new details emerge on the Scattered Spider cybercrime network and ArcaneDoor.

April 19, 2024 08:00

What’s the deal with the massive backlog of vulnerabilities at the NVD?

Given the state of the NVD and vulnerability management, we felt it was worth looking at the current state of the NVD, how we got to this point, what it means for security teams, and where we go from here.

April 18, 2024 14:00

Could the Brazilian Supreme Court finally hold people accountable for sharing disinformation?

At most, someone who intentionally or repeatedly shares information on their social platform that’s misleading or downright false may have their account blocked, suspended or deleted.

April 11, 2024 14:00

The internet is already scary enough without April Fool’s jokes

The security community is still reflecting on the “What If” of the XZ backdoor.

April 10, 2024 12:56

Vulnerability in some TP-Link routers could lead to factory reset

There are also two out-of-bounds write vulnerabilities in the AMD Radeon user mode driver for DirectX 11.

April 9, 2024 14:23

April’s Patch Tuesday includes 150 vulnerabilities, 60 which could lead to remote code execution

Though April’s monthly security update from Microsoft includes 150 vulnerabilities, only three of them are considered “critical."

April 4, 2024 14:00

There are plenty of ways to improve cybersecurity that don’t involve making workers return to a physical office

An April 2023 study from Kent State University found that remote workers are more likely to be vigilant of security threats and take actions to ward them off than their in-office counterparts.

March 21, 2024 14:00

“Pig butchering” is an evolution of a social engineering tactic we’ve seen for years

In the case of pig butchering scams, it’s not really anything that can be solved by a cybersecurity solution or sold in a package.

March 20, 2024 12:00

Netgear wireless router open to code execution after buffer overflow vulnerability

There is also a newly disclosed vulnerability in a graphics driver for some NVIDIA GPUs that could lead to a memory leak.