Blog
Recent
February 17, 2021 08:00

Masslogger campaigns exfiltrates user credentials

By Vanja Svajcer. News summary * As protection techniques develop, attackers are finding it harder to successfully attack their targets and must find creative ways to succeed. * Cisco Talos recently discovered a campaign utilizing a variant of the Masslogger trojan designe

February 16, 2021 16:10

Vulnerability Spotlight: Two vulnerabilities in Advantech WebAccess/SCADA

Yuri Kramarz of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered two vulnerabilities in the Advantech WebAccess/SCADA software package. An adversary could exploit each of these vulnerabilities to disclose sensitive information and e

February 12, 2021 14:58

Threat Roundup for February 5 to February 12

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Feb. 5 and Feb. 12. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting ke

February 12, 2021 10:00

Talos Takes Ep. #41: The tl;dr of Snort 3

The latest episode of Talos Takes is available now. This week's episode is for all our SNORT® lovers out there. To celebrate last month's release of the Snort 3 GA,

February 11, 2021 14:00

Threat Source newsletter (Feb. 11, 2021)

Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. We have an update on LodaRAT, a trojan we’ve been following for years. This threat has a new version targeting Android devices, looking to infect devices and steal users’ credentials and monitor things like thei

February 11, 2021 10:58

Beers with Talos Ep. #100: The supersized centennial episode

Beers with Talos (BWT) Podcast episode No. 100 is now available. By Mitch Neff. Recorded Jan. 8, 2020. It’s hard to believe that we have made 100 episodes of B

February 9, 2021 14:17

Microsoft Patch Tuesday for Feb. 2021 — Snort rules and prominent vulnerabilities

By Jon Munshaw, with contributions from Bill Largent. Microsoft released its monthly security update Tuesday, disclosing 56 vulnerabilities across its suite of products. This is the smallest number of vulnerabilities Microsoft has disclosed in a month since January 2020. There

February 9, 2021 14:17

Kasablanka Group's LodaRAT improves espionage capabilities on Android and Windows

* The developers of LodaRAT have added Android as a targeted platform. * A new iteration of LodaRAT for Windows has been identified with improved sound recording capabilities. * The operators behind LodaRAT tied to a specific campaign targeting Bangladesh, although others h

February 9, 2021 12:00

Vulnerability Spotlight: Accusoft ImageGear vulnerabilities could lead to code execution

Marcin Towalski, Emmanuel Tacheau and another Cisco Talos team member discovered these vulnerabilities. Blog by Jon Munshaw. Accusoft ImageGear contains two remote code execution vulnerabilities. ImageGear is a document and imaging library from Accusoft that developers can use t