Beers with Talos Ep. #98: Why ransomware actors are (and aren’t) targeting health care
By Mitch Neff. Recorded early November 2020. This is an episode we recorded in early November but got pushed back in the end-of-year shuffle to make production schedules work. We’re happy to put this one out now with
2020: The year in malware
By Jon Munshaw. Nothing was normal in 2020. Our ideas of working from offices, in-person meetings, hands-on learning and basically everything else were thrown into disarray early in the year. Since then, we defenders have had to adapt. But so have workers around the globe, and th
Talos Vulnerability Discovery Year in Review — 2020
While major attacks like ransomware and COVID-19-themed campaigns made headlines across the globe this year, many attacks were prevented through simple practices of finding, disclosing and patching vulnerabilities. Cisco Talos' Systems Vulnerability Research Team discovered
Threat Roundup for December 11 to December 18
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Dec. 11 and Dec. 18. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting k
Threat Source newsletter (Dec. 17, 2020)
Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. This will be our last Threat Source newsletter of the year. We’ll be on a few-week break for the holidays until Jan. 7. Of course, all anyone wants to talk about this week is the SolarWinds supply chain attack.
Talos tools of the trade
By Andrea Marcelli and Holger Unterbrink. If you're looking for something to keep you busy while we're all stuck inside during the holidays, Cisco Talos has a few tools you can play with in the coming days and weeks. We recently updated GhIDA to work with the l
Vulnerability Spotlight: Multiple vulnerabilities in NZXT computer monitoring software
Carl Hurd of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. NZXT’s CAM computer monitoring software contains multiple vulnerabilities an attacker could use to carry out a range of malicious actions. CAM provides users information on their machines, such as fan s
Vulnerability Spotlight: Two vulnerabilities in Lantronix XPort EDGE
Kelly Leuschner of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Executive summary Cisco Talos recently discovered two vulnerabilities in the Web Manager functionality of Lantronix XPort EDGE. The XPort EDGE is a next-generation wired Ethernet gateway for
Threat Advisory: SolarWinds supply chain attack
Update 12/21: IOC section updated to include new information and associated stage. Update 12/18: We have been able to verify the name server for the DGA domain was updated as far back as late February. Compromised binaries appear to have been available on the SolarWinds website