Cisco Talos Blog

Recent
May 14, 2024 13:57

Only one critical vulnerability included in May’s Microsoft Patch Tuesday; One other zero-day in DWN Core

The lone critical security issue is CVE-2024-30044, a remote code execution vulnerability in SharePoint Server.

May 14, 2024 08:42

Talos joins CISA to counter cyber threats against non-profits, activists and other at-risk communities

Commercial spyware tools can threaten democratic values by enabling governments to conduct covert surveillance on citizens, undermining privacy rights and freedom of expression.

May 9, 2024 14:00

A new alert system from CISA seems to be effective — now we just need companies to sign up

Under a pilot program, CISA has sent out more than 2,000 alerts to registered organizations regarding the existence of any unpatched vulnerabilities in CISA’s KEV catalog.

May 8, 2024 12:00

Talos discloses multiple zero-day vulnerabilities, two of which could lead to code execution

Two vulnerabilities in this group — one in the Tinyroxy HTTP proxy daemon and another in the stb_vorbis.c file library — could lead to arbitrary code execution, earning both issues a CVSS score of 9.8 out of 10.

May 2, 2024 14:00

What can we learn from the passwords used in brute-force attacks?

There are some classics on this list — the ever-present “Password” password, Passw0rd (with a zero, not an “O”) and “123456.”

May 1, 2024 12:00

Vulnerabilities in employee management system could lead to remote code execution, login credential theft

Talos also recently helped to responsibly disclose and patch other vulnerabilities in the Foxit PDF Reader and two open-source libraries that support the processing and handling of DICOM files.

April 30, 2024 08:00

Cisco Talos at RSAC 2024

With RSAC just a week away, Cisco Talos is gearing up for another year of heading to San Francisco to share in some of the latest major cybersecurity announcements, research and news.

April 29, 2024 08:00

James Nutland studies what makes threat actors tick, growing our understanding of the current APT landscape

Nutland says he goes into every engagement or new project with a completely open mind and a blank slate — using his background investigating terror operations to find out as much as he can about a particular adversary’s operation.

April 25, 2024 14:00

The private sector probably isn’t coming to save the NVD

Plus, new details emerge on the Scattered Spider cybercrime network and ArcaneDoor.