Threat Roundup for June 19 to June 26
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between June 19 and June 26. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting k
Threat Source newsletter for June 25, 2020
Good afternoon, Talos readers. We recently decided to replace our use of the terms "blacklist" and "whitelist" with "block list" and "allow list.” Even though these terms are commonly in use in the security industry, we will not go along with c
Vulnerability Spotlight: Denial-of-service vulnerability in NVIDIA driver
Piotr Bania of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Executive summary The NVWGF2UMX_CFG.DLL driver contains a denial-of-service vulnerability that an attacker could use to disrupt processes over a virtual machine. An adversary could exploit this bug
Cisco Talos replacing all mentions of 'blacklist,' 'whitelist'
There are many ways to respond to injustice, both large and small, but each response is important. While we acknowledge it is a small change, Cisco Talos is moving to replace our use of the terms "blacklist" and "whitelist" with "block list" and &quo
IndigoDrop spreads via military-themed lures to deliver Cobalt Strike
By Asheer Malhotra. * Cisco Talos has observed a malware campaign that utilizes military-themed malicious Microsoft Office documents (maldocs) to spread Cobalt Strike beacons containing full-fledged RAT capabilities. * These maldocs use malicious macros to deliver a multist
Threat Source newsletter for June 18, 2020
Good afternoon, Talos readers. Now that Cisco Live is over, you can access both of Talos’ talks on-demand here if you registered for the online event. The latest Beers with Talos episode covers how to push your career in cyber security forward when you feel like you’re stuck i
Beers with Talos Ep. #84: Mid-career advancement in cyber security
If iTunes and Google Play aren't your thing, click here. Recorded May 26, 2020 Prod. Note: Things are a hot mess right now and the team thinks that there are voices you have needed to hear more than ours, so we held back on releasing a few episodes. We are releasing those no
Quarterly report: Incident Response trends in Summer 2020
By David Liebenberg and Caitlin Huey. For the fourth quarter in a row, Ryuk dominated the threat landscape in incident response. As we mentioned in last quarter’s report, Ryuk has shifted from relying on commodity trojans to using living-off-the-land tools. This has led to a dec
Threat Roundup for June 5 to June 12
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between June 5 and June 12. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting ke