AI, election security headline discussions at Black Hat and DEF CON
Voting Village co-founder Harri Hursti told Politico the list of vulnerabilities ran “multiple pages.”
Talos discovers 11 vulnerabilities between Microsoft, Adobe software disclosed on Patch Tuesday
Eight of the vulnerabilities affect the license update feature for CLIPSP.SYS, a driver used to implement Client License System Policy on Windows 10 and 11.
Talos discovers Microsoft kernel mode driver vulnerabilities that could lead to SYSTEM privileges; Seven other critical issues disclosed
The most serious of the issues included in August’s Patch Tuesday is CVE-2024-38063, a remote code execution vulnerability in Windows TCP/IP.
A refresher on Talos’ open-source tools and the importance of the open-source community
Open-source software that is free to download, deploy and modify is a vital component in the fight for cyber security. Freely available software not only helps defend systems that would otherwise be unprotected, but it also allows people to learn and develop vital cybersecurity s
The top stories coming out of the Black Hat cybersecurity conference
As with everything nowadays, politics are sure to come into play.
Ryan Pentney reflects on 10 years of Talos and his many roles from the Sourcefire days
Pentney and his team are threat hunters and researchers who contribute to Talos’ research and reports shared with government and private sector partners.
There is no real fix to the security issues recently found in GitHub and other similar software
The lesson for users, especially if you’re a private company that primarily uses GitHub, is just to understand the inherent dangers of using open-source software.
APT41 likely compromised Taiwanese government-affiliated research institute with ShadowPad and Cobalt Strike
ShadowPad, widely considered the successor of PlugX, is a modular remote access trojan (RAT) only seen sold to Chinese hacking groups.
Detecting evolving threats: NetSupport RAT campaign
In this first Deep Dive with NTDR, we explore how defenders can leverage Snort for the detection of evasive malware threats.