Cisco Talos Blog

Recent
March 13, 2025 14:23

Miniaudio and Adobe Acrobat Reader vulnerabilities

Cisco Talos’ Vulnerability Discovery & Research team recently disclosed a Miniaudio and three Adobe vulnerabilities.   The vulnerabilities mentioned in this blog post have been patched by their respective vendors, all in adherence to Cisco’s third-party vulnerability disclos

March 13, 2025 14:04

Patch it up: Old vulnerabilities are everyone’s problems

Thorsten picks apart some headlines, highlights Talos’ report on an unknown attacker predominantly targeting Japan, and asks, “Where is the victim, and does it matter?”

March 13, 2025 06:00

Abusing with style: Leveraging cascading style sheets for evasion and tracking

Cascading Style Sheets (CSS) are ever present in modern day web browsing, however its far from their own use. This blog will detail the ways adversaries use CSS in email campaigns for evasion and tracking.

March 11, 2025 17:55

Microsoft Patch Tuesday for March 2025 — Snort rules and prominent vulnerabilities

Microsoft has released its monthly security update for March of 2025 which includes 57 vulnerabilities affecting a range of products, including 6 that Microsoft marked as “critical”.

March 6, 2025 14:03

Who is Responsible and Does it Matter?

Martin Lee dives into to the complexities of defending our customers from threat actors and covers the latest Talos research in this week's newsletter.

March 6, 2025 06:00

Unmasking the new persistent attacks on Japan

Cisco Talos has discovered an active exploitation of CVE-2024-4577 by an attacker in order to gain access to the victim's machines and carry out post-exploitation activities.

February 27, 2025 14:03

Sellers can get scammed too, and Joe goes off on a rant about imposter syndrome

Joe has some advice for anyone experiencing self doubt or wondering about their next career move. Plus, catch up on the latest Talos research on scams targeting sellers, and the Lotus Blossom espionage group.

February 27, 2025 06:00

Lotus Blossom espionage group targets multiple industries with different versions of Sagerunex and hacking tools

Lotus Blossom espionage group targets multiple industries with different versions of Sagerunex and hacking tools

February 25, 2025 06:17

Your item has sold! Avoiding scams targeting online sellers

There are many risks associated with selling items on online marketplaces that individuals and organizations should be aware of when conducting business on these platforms.