Beers with Talos, Ep. #106: Is more than executive action in order?
Beers with Talos (BWT) Podcast episode No. 106 is now available. Download this episode and subscribe to Beers with Talos: If iTunes and Google Play aren't your thing, click here. By Mitch Neff. Recorded May 20, 2021. Craig wins MVP of the podcast for his attempts to avoid
Threat Source newsletter (June 24, 2021)
Good afternoon, Talos readers. Even though spam emails asking for gift cards may seem like the oldest trick in the book, they're still effective in 2021. The FBI estimates that business email compromise cost victims around $1.8 billion in 2020, and we've seen recent camp
Attackers in Executive Clothing - BEC continues to separate orgs from their money
By Nick Biasini. In today's world of threat research, the focus tends to be on the overtly malicious practice of distributing and installing malware on end systems. But this is far from the complete picture of what threats organizations face. One of the most, if not the most
Talos Takes Ep. #57: A ransomware-as-a-service explainer
The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. How much is ransomware-as-a-service like a McDonald’s franchise? More similar than you’d think! The RaaS model has enter
Threat Roundup for June 11 to June 17
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between June 11 and June 17. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting k
Threat Source newsletter (June 17, 2021)
Good afternoon, Talos readers. Although the Colonial Pipeline attack is largely behind us now, its potential repercussions are not. This was just the latest in a string of attacks against American critical infrastructure over the past few years, and we don't expect them to s
Vulnerability Spotlight: EIP Stack Group OpENer information disclosure vulnerability
Martin Zeiser of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered an exploitable information disclosure vulnerability in EIP Stack Group OpENer’s Ethernet/IP UDP handler. OpENer is an Ethernet/IP stack for I/O adapter devices that
What’s past is prologue – A new world of critical infrastructure security
By Caitlin Huey, Joe Marshall and Thomas Pope. Attackers have targeted American critical infrastructure several times over the past few years, putting at risk U.S. electrical grids, oil pipelines and water supply systems. However, we collectively have not responded in a meaningf
Threat Roundup for June 4 to June 11
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between June 4 and June 11. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting ke