Small praise for modern compilers - A case of Ubuntu printing vulnerability that wasn’t
During an earlier investigation of the macOS printing subsystem, IPP-USB protocol caught our attention. We decided to take a look at how other operating systems handle the same functionality.
Changing the tide: Reflections on threat data from 2024
Thorsten examines last year’s CVE list and compares it to recent Talos Incident Response trends. Plus, get all the details on the new vulnerabilities disclosed by Talos’ Vulnerability Research Team.
Google Cloud Platform Data Destruction via Cloud Build
A technical overview of Cisco Talos' investigations into Google Cloud Platform Cloud Build, and the threat surface posed by the storage permission family.
Defeating Future Threats Starts Today
Martin discusses how defenders can use threat intelligence to equip themselves against AI-based threats. Plus check out his introductory course to threat intelligence.
Talos IR trends Q4 2024: Web shell usage and exploitation of public-facing applications spike
This new report from Cisco Talos Incident Response explores how threat actors increasingly deployed web shells against vulnerable web applications, and exploited vulnerable or unpatched public-facing applications to gain initial access.
Whatsup Gold, Observium and Offis vulnerabilities
Cisco Talos’ Vulnerability Research team recently disclosed three vulnerabilities in Observium, three vulnerabilities in Offis, and four vulnerabilities in Whatsup Gold. These vulnerabilities exist in Observium, a network observation and monitoring system; Offis DCMTK, a coll
New TorNet backdoor seen in widespread campaign
Cisco Talos discovered an ongoing malicious campaign operated by a financially motivated threat actor targeting users, predominantly in Poland and Germany.
Seasoning email threats with hidden text salting
Hidden text salting is a simple yet effective technique for bypassing email parsers, confusing spam filters, and evading detection engines that rely on keywords. Cisco Talos has observed an increase in the number of email threats leveraging hidden text salting.
Everything is connected to security
Joe shares his recent experience presenting at the 32nd Crop Insurance Conference and how it's important to stay curious, be a forever student, and keep learning.