Threat Source newsletter (Sept. 30, 2021)
Good afternoon, Talos readers. In the latest example of attackers trying to capitalize on current headlines, we've spotted a group using the recent fervor around the Pegasus spyware to spread malware. We've detailed a campaign in which the attackers have copied (nearly
Talos Takes Ep. #69: Our armadillo in shining armor
The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. We also preach the importance of multi-factor authentication. But what happens when the bad guys start going after those
Threat Source newsletter (Sept. 23, 2021)
Good afternoon, Talos readers. The Russian APT Turla is one of the most notorious threat actors out there today. And they aren't stopping, recently adding a new backdoor to their arsenal that serves as a "last chance" to retain a foothold on victim machines, even a
Vulnerability Spotlight: Information disclosure vulnerability in D-LINK DIR-3040 mesh router
Dave McDaniel of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered an exploitable information disclosure vulnerability in the D-LINK DIR-3040 smart WiFi mesh router that could allow an adversary to eventually turn off the device or remove other connected
Talos Takes Ep. #68: The various pivots and pitfalls in a malware investigation
The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. On this week's episode, Vitor Ventura from our research team walks through his recent work on connecting several mal
Threat Source newsletter (Sept. 16, 2021)
Good afternoon, Talos readers. It's a bird, it's a plane, it's a rat! We've been tracking a series of trojans targeting the aviation industry, and trying to lure victims in by sending them spam related to flight itineraries and other transportation news. In our
Microsoft Patch Tuesday for Sept. 2021 — Snort rules and prominent vulnerabilities
By Jon Munshaw, with contributions from Holger Unterbrink. Microsoft released its monthly security update Tuesday, disclosing 85 vulnerabilities across the company’s firmware and software. This month’s release is headlined by an official patch for the critical remote code execut
Downtime on Talos Intelligence
TalosIntelligence.com will be down for a short time on Sept. 17 around 10 a.m. ET while we perform some routine maintenance on the site. We apologize for any inconvenience this may cause. We expect the interruption will only last for about 30 minutes.
Vulnerability Spotlight: Code execution vulnerability in Nitro Pro PDF
A Cisco Talos team member discovered these vulnerabilities. Cisco Talos recently discovered a vulnerability in the Nitro Pro PDF reader that could allow an attacker to execute code in the context of the application. Nitro Pro PDF is part of Nitro Software’s Productivity Suite.