June 26, 2025 06:00
Decrement by one to rule them all: AsIO3.sys driver exploitation
Cisco Talos uncovered and analyzed two critical vulnerabilities in ASUS' AsIO3.sys driver, highlighting serious security risks and the importance of robust driver design.
May 22, 2025 06:00
UAT-6382 exploits Cityworks zero-day vulnerability to deliver malware
Talos has observed exploitation of CVE-2025-0994 in the wild by UAT-6382, a Chinese-speaking threat actor, who then deployed malware payloads via TetraLoader.
December 19, 2024 06:04
Exploring vulnerable Windows drivers
This post is the result of research into the real-world application of the Bring Your Own Vulnerable Driver (BYOVD) technique along with Cisco Talos’ series of posts about malicious Windows drivers.
October 8, 2024 15:04
Largest Patch Tuesday since July includes two exploited in the wild, three critical vulnerabilities
The two vulnerabilities that Microsoft reports have been actively exploited in the wild and are publicly known are both rated as only being of “moderate” severity.