Quarterly Report: Incident Response trends from Q3 2021
Ransomware again dominated the threat landscape, while BEC grew By David Liebenberg and Caitlin Huey. Once again, ransomware was the most dominant threat observed in Cisco Talos Incident Response (CTIR) engagements this quarter. CTIR helped resolve several significant ransomwa
Threat Source newsletter (Oct. 21, 2021)
Good afternoon, Talos readers. We're writing this on Wednesday for PTO reasons, so apologies if we miss any major news that happens after Wednesday afternoon. Above, you can watch our awesome live stream from Monday with Brad Garnett from Cisco Talos Incident Response. Brad
Talos Takes Ep. #73 (NCSAM edition): Fight the phish from land, sea and air
The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. Most people may think of spam as being the classic email promising that you've won the lottery or some great prize,
Threat Source newsletter (Oct. 14, 2021)
Good afternoon, Talos readers. It's still Cybersecurity Awareness Month, and what better way to celebrate by patching and then patching some more? This week was Microsoft Patch Tuesday, which only included two critical vulnerabilities, but still requires patching diligence.
Vulnerability Spotlight: Code execution vulnerabilities in Nitro Pro PDF
A Cisco Talos team member discovered these vulnerabilities. Cisco Talos recently discovered multiple vulnerabilities in the Nitro Pro PDF reader that could allow an attacker to execute code in the context of the application. Nitro Pro PDF is part of Nitro Software’s Productivit
Vulnerability Spotlight: Use-after-free vulnerability in Microsoft Excel could lead to code execution
Marcin “Icewall” Noga of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered a use-after-free vulnerability in the ConditionalFormatting functionality of Microsoft Office Excel 2019 that could allow an attacker to execute arbitrary code on the victim machi
Microsoft Patch Tuesday for Oct. 2021 — Snort rules and prominent vulnerabilities
By Jon Munshaw, with contributions from Asheer Malhotra. Microsoft released its monthly security update Tuesday, disclosing 78 vulnerabilities in the company’s various software, hardware and firmware offerings. This month’s release is particularly notable because there are only
Vulnerability Spotlight: Vulnerabilities in Anker Eufy Homebase could lead to code execution, buffer overflows
UUpdate (Nov. 29, 2021): Anker patched five other vulnerabilities in this product affecting the same version as originally listed in this blog. These have been added to the post. Lilith >_> of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered two
Talos Takes Ep. #71 (NCSAM edition): Reflecting on ransomware in 2021
By Jon Munshaw. The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. We are from the first (or last) people to say this, but 2021 is the year of ransomware. It’s by far the