Talos Takes Ep. #70: Let's put a positive spin on this whole working from home thing for once
By Jon Munshaw. The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. As part of National Cybersecurity Awareness Month, we're releasing a special series of Talos Takes
Threat Source newsletter (Sept. 30, 2021)
Good afternoon, Talos readers. In the latest example of attackers trying to capitalize on current headlines, we've spotted a group using the recent fervor around the Pegasus spyware to spread malware. We've detailed a campaign in which the attackers have copied (nearly
A wolf in sheep's clothing: Actors spread malware by leveraging trust in Amnesty International and fear of Pegasus
By Vitor Ventura and Arnaud Zobec. Threat actors are impersonating the group Amnesty International and promising to protect against the Pegasus spyware as part of a scheme to deliver malware. Amnesty International recently made international headlines when it released a groundb
Threat Roundup for September 17 to September 24
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Sept. 17 and Sept. 24. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting
Talos Takes Ep. #69: Our armadillo in shining armor
The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. We also preach the importance of multi-factor authentication. But what happens when the bad guys start going after those
Threat Source newsletter (Sept. 23, 2021)
Good afternoon, Talos readers. The Russian APT Turla is one of the most notorious threat actors out there today. And they aren't stopping, recently adding a new backdoor to their arsenal that serves as a "last chance" to retain a foothold on victim machines, even a
Vulnerability Spotlight: Information disclosure vulnerability in D-LINK DIR-3040 mesh router
Dave McDaniel of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered an exploitable information disclosure vulnerability in the D-LINK DIR-3040 smart WiFi mesh router that could allow an adversary to eventually turn off the device or remove other connected
Operation “Armor Piercer:” Targeted attacks in the Indian subcontinent using commercial RATs
By Asheer Malhotra, Vanja Svajcer and Justin Thattil. * Cisco Talos is tracking a campaign targeting government personnel in India using themes and tactics similar to APT36 (aka Mythic Leopard and Transparent Tribe). * This campaign distributes malicious documents and archive
TinyTurla - Turla deploys new malware to keep a secret backdoor on victim machines
News summary * Cisco Talos recently discovered a new backdoor used by the Russian Turla APT group. * We have seen infections in the U.S., Germany and, more recently, in Afghanistan. * It is likely used as a stealth second-chance backdoor to keep access to infected devices *