Incident Response trends Q2 2023: Data theft extortion rises, while healthcare is still most-targeted vertical
Ransomware was the second most-observed threat this quarter, accounting for 17 percent of engagements, a slight increase from last quarter’s 10 percent.
What might authentication attacks look like in a phishing-resistant future?
Even if the internet at large adopts passkeys, attackers can still find a way in.
The federal government’s cybersecurity policies are falling into place just in time to be stalled again
Last week, the Biden administration released its formal roadmap for its national cybersecurity initiative meant to encourage greater investment in cybersecurity and strengthen the U.S.’s critical infrastructure security (and more).
Memory corruption vulnerability in Microsoft Edge; MilesightVPN and router could be taken over
In all, Talos released 22 security advisories regarding Milesight products this month, nine of which have a CVSS score greater than 8, associated with 69 CVEs.
Why are there so many malware-as-a-service offerings?
Ransomware-as-a-service is a relatively new version of these commodity groups, such as DarkSide, known for the cyber attack in 2021 that disrupted the Colonial oil pipeline and made gas more expensive for thousands of U.S. consumers.
Implementing an ISO-compliant threat intelligence program
The guidance within ISO 27001 identifies which security controls are appropriate, while ISO 27002 describes the controls in detail and how they can be implemented.
QR codes are relevant again for everyone from diners to threat actors
QR codes have always served as a way for bad actors to spread malware, or even for your friendly neighborhood prankster to share Rick Astley’s most famous music video.
Uncovering weaknesses in Apple macOS and VMware vCenter: 12 vulnerabilities in RPC implementation
Uncovered issues fall into use-after-free, buffer-overflow, information leak and denial of service vulnerability classes. Some of these could be combined to achieve remote code execution or privilege escalation.
Malicious campaigns target government, military and civilian entities in Ukraine, Poland
Cisco Talos has discovered a threat actor conducting several campaigns against government entities, military organizations and civilian users in Ukraine and Poland. We judge that these operations are very likely aimed at stealing information and gaining persistent remote access.