Threat Advisory: Microsoft Outlook privilege escalation vulnerability being exploited in the wild
Cisco Talos is urging all users to update Microsoft Outlook after the discovery of a critical vulnerability, CVE-2023-23397, in the email client that attackers are actively exploiting in the wild.
Prometei botnet improves modules and exhibits new capabilities in recent updates
The high-profile botnet, focused on mining cryptocurrency, is back with new Linux versions.
New MortalKombat ransomware and Laplas Clipper malware threats deployed in financially motivated campaign
Since December 2022, Cisco Talos has been observing an unidentified actor deploying two relatively new threats, the recently discovered MortalKombat ransomware and a GO variant of the Laplas Clipper malware, to steal cryptocurrency from victims.
Beyond the basics: Implementing an active defense
An active defense posture, where the defenders actively use threat intelligence and their own telemetry to uncover potential compromises, is the next stage in the cyber security maturity road. Instead of waiting for detections to trigger, defenders can take initiative and hunt threat actors.
State Sponsored Attacks in 2023 and Beyond
As 2023 begins I wanted to look forward on the future of state sponsored aggression and how we can see it change and evolve over the next year and beyond.
The Company You Keep – Preparing for supply chain attacks with Talos IR
Organizations must proactively limit supply chain risks through careful selection of the company they keep while preparing to respond to an incident that will invariably originate from the supply chain.
Threat Advisory: High Severity OpenSSL Vulnerabilities
In late October two new buffer overflow vulnerabilities, CVE-2022-3602 and CVE-2022-3786, were announced in OpenSSL versions 3.0.0 to 3.0.6. These vulnerabilities can be exploited by sending an X.509 certificate with a specially crafted email address, potentially causing a buffer
Quarterly Report: Incident Response Trends in Q3 2022
A lack of MFA remains one of the biggest impediments to enterprise security.
New campaign uses government, union-themed lures to deliver Cobalt Strike beacons
Cisco Talos recently discovered a malicious campaign with a modularised attack technique to deliver Cobalt Strike beacons on infected endpoints.