Threat Source newsletter (April 27, 2023) — New Cisco Secure offerings and extra security from Duo
AI-generated spam comments on Amazon, the latest on the 3CX supply chain attack and more security headlines from the past week.
Quarterly Report: Incident Response Trends in Q1 2023
In 45 percent of engagements, attackers exploited public-facing applications to establish initial access, a significant increase from 15 percent the previous quarter.
Video: Everything you need to know about ongoing state-sponsored attacks targeting network infrastructure across the globe
Video explanation of the Jaguar Tooth vulnerabilities with Matt Olney, J.J. Cummings and Hazel Burton.
Vulnerability Spotlight: Vulnerabilities in IBM AIX could lead to command injection with elevated privileges
The issue could then allow the malicious actor to generate arbitrary logs which can trigger malicious commands to be run with elevated privileges.
Threat Roundup for April 14 to April 21
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between April 14 and April 21. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting
Threat Source newsletter (April 20, 2023) — Preview of Cisco and Talos at RSA
Heading to San Francisco next week? Here are all the Talos and Cisco Secure talks and events you won't want to miss.
State-sponsored campaigns target global network infrastructure
This campaign, dubbed "Jaguar Tooth," is an example of a much broader trend of sophisticated adversaries targeting networking infrastructure to advance espionage objectives or pre-position for future destructive activity.
Threat Roundup for April 7 to April 14
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between April 7 and April 14. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting
Threat Source newsletter (April 13, 2023) — Dark web forum whac-a-mole
Microsoft zero-days, dark web forum takedowns and Pentagon leaks on Discord in this week's newsletter.