Talos Takes Ep. #67: What a leaked playbook tells us about the Conti ransomware group
By Jon Munshaw. The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. There's a lot to take apart in the recently leaked Conti ransomware playbook. After a disgruntled m
Threat Source newsletter (Sept. 9, 2021)
Good afternoon, Talos readers. The biggest security news this week is no doubt another Microsoft zero-day. On the heels of PrintNightmare and multiple Exchange Server vulnerabilities comes a code execution vulnerability in MSHTML, the rendering engine in Internet Explorer. We h
Talos release protection against zero-day vulnerability (CVE-2021-40444) in Microsoft MSHTML
Cisco Talos released new SNORT® rules Thursday to protect against the exploitation of a zero-day vulnerability in Microsoft MSHTML that the company warns is being actively exploited in the wild. Users are encouraged to deploy SIDs 58120 – 58129, Snort 3 SID 300049 and ClamAV sig
Vulnerability Spotlight: Heap buffer overflow vulnerability in Ribbonsoft dxflib library
Lilith >_> of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered an exploitable heap-based buffer overflow vulnerability in Ribbonsoft’s dxflib library that could lead to code execution. The dxflib library is a C++ library utilized by digital desig
Talos Takes Ep. #66: Dude, where's my bandwidth?
The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. “Proxyware” sounds like a complicated topic that you’re too afraid to ask about. But really, it’s just software that all
Threat Source newsletter (Sept. 2, 2021)
Good afternoon, Talos readers. If you haven't seen already, our blog has a lot of cool and new stuff this week. We first dove into the world of proxyware on Tuesday (aka internet-sharing applications). Attackers are hiding in this newly popular software to steal users'
Talos Takes Ep: #65: How several RAT campaigns in Latin America are connected
The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. As more people around the world start to get vaccinated against COVID-19, travel is becoming easier, especially during t
Threat Source newsletter (Aug. 26, 2021)
Good afternoon, Talos readers. We have RATs on RATs on RATs over the past few weeks. And last week, we found a few more heading to Latin America to target users and try to steal their login credentials. The threat actor in this case has some compelling connections to the Aggah
Threat Source newsletter (Aug. 19, 2021)
Good afternoon, Talos readers. I'm writing this on Tuesday morning on account of vacation (again), so apologies if we miss any major stories. You certainly don't want to miss our latest blog post on the Neurevt remote access trojan that's targeting users in Mexico.