The many ways electric cars are vulnerable to hacks, and whether that matters in a real-world
Researchers recently discovered 49 zero-day vulnerabilities, including a two-vulnerability exploit chain in Tesla cars that could allow an attacker to take over the onboard infotainment system.
OAS Engine Deep Dive: Abusing low-impact vulnerabilities to escalate privileges
Open Automation Software recently released patches for multiple vulnerabilities in their OAS Engine. Cisco Talos publicly disclosed these issues after working with Open Automation Software to ensure that patches were available for users. Now that a fix has been released with Ve
Why is the cost of cyber insurance rising?
Cyber insurance premiums are expected to rise this year after leveling out in 2023.
IR Q4 2023 trends: Significant increase in ransomware activity found in engagements, while education remains one of the most-targeted sectors
Talos IR observed operations involving Play, Cactus, BlackSuit and NoEscape ransomware for the first time this quarter.
What to do with that fancy new internet-connected device you got as a holiday gift
There are many examples of WiFi-enabled home cameras, assistants and doorbells vulnerable to a wide range of security issues.
Exploring malicious Windows drivers (Part 1): Introduction to the kernel and drivers
Malicious drivers are difficult to detect and successfully leveraging one can give an attacker full access to a system.
Critical vulnerability in ManageEngine could lead to file creation, dozens of other vulnerabilities disclosed by Talos to start 2024
There are also multiple vulnerabilities in AVideo, an open-source video broadcasting suite, that could lead to arbitrary code execution.
Microsoft starts off new year with relatively light Patch Tuesday, no zero-days
One of the critical vulnerabilities patched Tuesday is CVE-2024-20674, a security bypass vulnerability in the Windows Kerberos authentication protocol.
New decryptor for Babuk Tortilla ransomware variant released
Cisco Talos obtained executable code capable of decrypting files affected by the Babuk Tortilla ransomware variant, allowing Talos to extract and share the private decryption key used by the threat actor.