Quarterly Report: Incident Response trends from Winter 2020-21
For the seventh quarter in a row, Cisco Talos Incident Response (CTIR) observed ransomware dominating the threat landscape. The top variants were Ryuk and Vatet, which is notable given the absence of Ryuk last quarter. We also observed variants of Egregor and WastedLocker continu
Talos Takes Ep. #45: SMS authentication is still around, but that doesn't mean it's a good option
The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. While there are many ways to add an extra layer of security to your logins nowadays, SMS is one that should probably be
Registration now open for Talos webinar on Android malware
Major ransomware attacks like those against hospital systems and government agencies are always going to make headlines. But some of the most prolific and widespread threats on the landscape today are more about smaller devices and networks — the ones that fit in your pocket. At
Threat Source newsletter (March 18, 2021)
Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. Start spreading the word now, the Snort scholarship is back for 2021! This year, we’re giving away two $10,000 awards to two college students who are studying cybersecurity or another IT-related field. Applicati
Talos Takes Ep. #44: A roundtable discussion on SolarWinds
Welcome to the first-ever XL edition of Talos Takes. This one is a little longer than usual, but we promise you it’s wor
Threat Source newsletter (March 11, 2021) — Featuring new SolarWinds roundtable
Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. We have a special edition of the Threat Source newsletter to bring you this week, because we’re premiering a new video for you right now! Below, you’ll find a full roundtable we put together discussing the Sola
Vulnerability Spotlight: Use-after-free vulnerability in 3MF Consortium lib3mf
Lilith >_> of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. 3MF Consortium’s lib3mf library is vulnerable to a use-after-free vulnerability that could allow an adversary to execute remote code on the victim machine. The lib3mf library is an open-source im
Microsoft Patch Tuesday for March 2021 — Snort rules and prominent vulnerabilities
By Jon Munshaw, with contributions from Nick Biasini. Microsoft released its monthly security update Tuesday, disclosing 89 vulnerabilities across its suite of products, the most in any month so far this year. There are 14 critical vulnerabilities as part of this release and on
Talos Takes Ep. #43: What you should know about the Microsoft Exchange Server zero-days
We put this episode together quickly this week to address the zero-day vulnerabilities Microsoft disclosed earlier this