Cisco Talos helps CISOs get back to basics with advisory series
At Cisco Talos, we try to build detections for every threat we see to provide customers with a portfolio capable of identifying and stopping threats at various stages of an attack's lifecycle. Deploying the best suite of layered security tools is an integral part of protectin
CISO Advisory: Governance & Risk Management
In the first in a series of CISO Advisories, this paper addresses Governance & Risk Management as a fundamental part of any cyber security strategy. Download the paper here. Access the series introduction and index here.
Gustuff return, new features for victims
By Vitor Ventura with contributions from Chris Neal. Executive summary The Gustuff banking trojan is back with new features, months after initially appearing targeting financial institutions in Australia. Cisco Talos first reported on Gustuff in April. Soon after, the actors be
Threat Roundup for October 11 to October 18
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Oct. 11 and Oct. 18. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting k
Vulnerability Spotlight: Multiple vulnerabilities in YouPHPTube
Yuri Kramarz of Security Advisory EMEAR discovered these vulnerabilities. YouPHPTube contains multiple vulnerabilities that could allow an attacker to carry out a variety of malicious activities. Specially crafted, attacker-created web requests can allow an attacker to inject SQ
Threat Source newsletter (Oct. 17, 2019)
Newsletter compiled by Jon Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. It’s rare that iOS jailbreaks make it onto the scene. Apple is usually able to patch them out quickly. But a recent
Vulnerability Spotlight: Another fix for Adobe Acrobat Reader DC text field value remote code execution
Aleksandar Nikolic of Cisco Talos discovered this vulnerability. Cisco Talos once again would like to bring attention to a remote code execution vulnerability in Adobe Acrobat Reader. Acrobat, which is one of the most popular PDF readers on the market, contains a bug when the s
Checkrain fake iOS jailbreak leads to click fraud
By Warren Mercer and Paul Rascagneres. Introduction Attackers are capitalizing on the recent discovery of a new vulnerability that exists across legacy iOS hardware. Cisco Talos recently discovered a malicious actor using a fake website that claims to give iPhone users the abil
Threat Roundup for October 4 to October 11
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Oct. 4 and Oct. 11. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting ke