Cisco Talos Blog

July 9, 2024 14:01

Largest Patch Tuesday in 3 months includes 5 critical vulnerabilities

This is the largest Patch Tuesday since April, when Microsoft patched 150 vulnerabilities.

February 13, 2024 13:59

First Microsoft Patch Tuesday zero-day of 2024 disclosed as part of group of 75 vulnerabilities

Although considered of moderate risk, one of the vulnerabilities is being actively exploited in the wild — CVE-2024-21351, a security feature bypass vulnerability in Windows SmartScreen.

November 2, 2023 07:58

Attackers use JavaScript URLs, API forms and more to scam users in popular online game “Roblox”

Knowing the common scams is an important step in using the platform safely. The following recommendations help players not fall into scams.

July 11, 2023 15:26

Microsoft discloses more than 130 vulnerabilities as part of July’s Patch Tuesday, four exploited in the wild

Four of the disclosed vulnerabilities — albeit “important” ones — have been detected being exploited in the wild: CVE-2023-32046, CVE-2023-32049, CVE-2023-35311 and CVE-2023-36874.

May 10, 2023 08:00

New phishing-as-a-service tool “Greatness” already seen in the wild

Greatness incorporates features seen in some of the most advanced PaaS offerings, such as multi-factor authentication (MFA) bypass, IP filtering and integration with Telegram bots.

December 8, 2022 14:38

Breaking the silence - Recent Truebot activity

Since August 2022, we have seen an increase in infections of Truebot (aka Silence.Downloader) malware. Truebot was first identified in 2017 and researchers have linked it to a threat actor called Silence Group that is responsible for several high-impact attacks on financial insti

July 12, 2022 13:33

Microsoft Patch Tuesday for July 2022 — Snort rules and prominent vulnerabilities

Microsoft released its monthly security update Tuesday, disclosing more than 80 vulnerabilities in the company’s various software, hardware and firmware offerings, including one that’s actively being exploited in the wild. July's security update features three critical vulne

March 17, 2022 07:58

From BlackMatter to BlackCat: Analyzing two attacks from one affiliate

* BlackCat is a recent and growing ransomware-as-a-service (RaaS) group that targeted several organizations worldwide over the past few months. * There are rumors of a relationship between BlackCat and the BlackMatter/DarkSide ransomware groups, infamous for attacking the Colon

December 2, 2021 07:48

Magnat campaigns use malvertising to deliver information stealer, backdoor and malicious Chrome extension

By Tiago Pereira. * Talos recently observed a malicious campaign offering fake installers of popular software as bait to get users to execute malware on their systems. * This campaign includes a set of malware distribution campaigns that started in late 2018 and have targeted