Vulnerability Spotlight: Hard-coded password vulnerability could allow attacker to completely take over Lenovo Smart Clock
Talos also alerted Lenovo that the clock’s hardcoded root password is weak and easily guessed or cracked.
How threat actors are using AI and other modern tools to enhance their phishing attempts
Tools like ChatGPT aren't making social engineering attacks any more effective, but it does make it faster for actors to write up phishing emails.
Microsoft Patch Tuesday for April 2023 — Snort rules and prominent vulnerabilities
April is the third month in a row in which at least one of the vulnerabilities Microsoft released in a Patch Tuesday had been exploited in the wild prior to disclosure.
Researcher Spotlight: Giannis Tziakouris first learned how to fix his family’s PC, and now he’s fixing networks all over the globe
As a senior incident responder, Giannis helps Cisco Talos Incident Response customers secure and respond to security incidents across the world.
Threat Roundup for March 31 to April 7
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between March 31 and April 7. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting
Threat Source newsletter (April 6, 2023) — Another friendly reminder about supply chain attacks
Be prepared to discuss difficult topics with potential new third-party software vendors, such as incident notification requirements, access to logs during a security incident and who the important emergency contacts are.
Vulnerability Spotlight: Vulnerabilities in popular Japanese word processing software could lead to arbitrary code execution, other issues
Ichitaro uses the ATOK input method (IME) and uses the proprietary .jtd file extension. It’s the second most-popular word processing system in Japan behind only Microsoft word.
Typhon Reborn V2: Updated stealer features enhanced anti-analysis and evasion capabilities
The stealer is for sale on dark web forums for $59 a month, or $540 for a lifetime subscription, which is relatively inexpensive compared to other infostealers.
Vulnerability Spotlight: Buffer overflow vulnerability in ADMesh library
A specially crafted STL file can lead to a heap buffer overflow.