Talk of election security is good, but we still need more money to solve the problem
This year, Congress only allocated $55 million in federal grant dollars to states for security and other election improvements.
We can try to bridge the cybersecurity skills gap, but that doesn’t necessarily mean more jobs for defenders
A June report from CyberSeek found that there are only enough skilled workers to fill 85 percent of cybersecurity jobs in America.
Vulnerability in Acrobat Reader could lead to remote code execution; Microsoft patches information disclosure issue in Windows API
CVE-2024-38257 is considered “less likely” to be exploited, though it does not require any user interaction or user privileges.
Four zero-days included in group of 79 vulnerabilities Microsoft discloses, including one with 9.8 severity score
September’s monthly round of patches from Microsoft included 79 vulnerabilities, seven of which are considered critical.
DragonRank, a Chinese-speaking SEO manipulator service provider
Cisco Talos is disclosing a new threat called “DragonRank” that primarily targets countries in Asia and a few in Europe, operating PlugX and BadIIS for search engine optimization (SEO) rank manipulation.
The 2024 Threat Landscape State of Play
Talos' Nick Biasini discusses the biggest shifts and trends in the threat landscape so far. We also focus on one state sponsored actor that has been particularly active this year, and talk about why defenders need to be paying closer attention to infostealers.
Vulnerability in Tencent WeChat custom browser could lead to remote code execution
While this issue was disclosed and patched in the V8 engine in June 2023, the WeChat Webview component was not updated, and still remained vulnerable when Talos reported it to the vendor.
The best and worst ways to get users to improve their account security
In my opinion, mandatory enrollment is best enrollment.
Watch our new documentary, "The Light We Keep: A Project PowerUp Story"
The Light We Keep documentary tells the story of the consequences of electronic warfare in Ukraine and its effect on power grids across the country.