Blog
Recent
April 2, 2021 10:00

Talos Takes Ep. #47: Looking back at the Masslogger trojan

The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. We return to our usual formatting this week to discuss the Masslogger trojan. We covered this threat earlier this year i

April 1, 2021 14:00

Threat Source Newsletter (April 1, 2021)

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. We hope you’re enjoying Cisco Live this week and only reading this after you’ve caught up on your sessions for the day. No April Fool’s jokes here (thankfully) — we are just excited to tell you that application

March 31, 2021 15:03

Vulnerability Spotlight: Out-of-bounds write vulnerabilities in Accusoft ImageGear

Emmanuel Tacheau of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered multiple out-of-bounds write vulnerabilities in Accusoft ImageGear that an adversary could exploit to corrupt memory on the targeted machine. The ImageGear libr

March 31, 2021 09:02

Cheating the cheater: How adversaries are using backdoored video game cheat engines and modding tools

By Nick Lister and Holger Unterbrink, with contributions from Vanja Svajcer.

News summary

* Cisco Talos recently discovered a new campaign targeting video game players and other PC modders.
* Talos detected a new cryptor used in several different malware campaigns hidden

March 26, 2021 17:28

Threat Roundup for March 19 to March 26

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between March 19 and March 26. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting

March 26, 2021 10:00

Talos Takes Ep. #46: Everything you could ever hope to know about Snort 3

The latest episode of Talos Takes is available now. Download this episode and subscribe to Talos Takes using the buttons below, or visit the Talos Takes page. We've got another special XL episode this week, this time about Snort 3. This roundtable covers everything you could

March 25, 2021 14:00

Threat Source Newsletter (March 25, 2021)

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. The Cisco Talos Incident Response team has several new, valuable insights into the threat landscape in the latest Quarterly Trends report. This post highlights the malware families our researchers are seeing mos

March 24, 2021 08:26

Quarterly Report: Incident Response trends from Winter 2020-21

For the seventh quarter in a row, Cisco Talos Incident Response (CTIR) observed ransomware dominating the threat landscape. The top variants were Ryuk and Vatet, which is notable given the absence of Ryuk last quarter. We also observed variants of Egregor and WastedLocker continu

March 23, 2021 16:50

Defending Microsoft Exchange from encrypted attacks with Cisco Secure IPS

This blog was authored by Brandon Stultz. Microsoft released fixes for several critical vulnerabilities in Exchange Server earlier this month. One of these vulnerabilities (CVE-2021-26855) — aka "ProxyLogon" — is especially dangerous. ProxyLogon is a server-side request