Threat Roundup for July 1 to July 8
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between July 1 and July 8. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key
Threat Source newsletter (July 7, 2022) — Teamwork makes the dream work
Welcome to this week’s edition of the Threat Source newsletter. I’ve been thinking a lot recently about the pros and cons of the way we publicize our threat research. I had a few conversations at Cisco Live with people — who are more generally IT-focused than hyper-focused on cy
Researcher Spotlight: Around the security world and back again with Nick Biasini
Nick Biasini’s seen it all. Going on a nearly 20-year security career, he’s been a part of some of Cisco Talos’ largest undertakings in the company’s history. From an attack on the global Olympic Games, to a wireless router malware that affected hundreds of thousands of devices
Threat Source newsletter (June 30, 2022) — AI voice cloning is somehow more scary than deepfake videos
Welcome to this week’s edition of the Threat Source newsletter. We took a week off for summer vacation but are back in the thick of security things now. My first exposure to deepfake videos was when Jordan Peele worked with BuzzFeed News to produce this video of former Presiden
Vulnerability Spotlight: Command injection vulnerabilities in Robustel cellular router
Francesco Benvenuto of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered four vulnerabilities in the Robustel R1510 industrial cellular router. The R1510 is a portable router that shares 2G, 3G and 4G wireless internet access. It
De-anonymizing ransomware domains on the dark web
* We have developed three techniques to identify ransomware operators' dark websites hosted on public IP addresses, allowing us to uncover previously unknown infrastructure for the DarkAngels, Snatch, Quantum and Nokoyawa ransomware groups. * The methods we used to identify
Threat Roundup for June 17 to June 24
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between June 17 and June 24. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting k
Avos ransomware group expands with new attack arsenal
By Flavio Costa, * In a recent customer engagement, we observed a month-long AvosLocker campaign. * The attackers utilized several different tools, including Cobalt Strike, Sliver and multiple commercial network scanners. * The initial ingress point in this incident was a pa
Threat Roundup for June 10 to June 17
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between June 10 and June 17. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting k