Blog
Recent
May 13, 2022 15:04

Threat Roundup for May 6 to May 13

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between May 6 and May 13. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key

May 13, 2022 08:00

EMEAR Monthly Talos Update: Wiper malware

Cisco Talos and Cisco Secure are launching a new video series to fill you in on the latest cybersecurity trends. We’re thrilled to launch our first video in the new Talos Threat Update series, which you can watch above or over at this link, where Martin Lee and Hazel Burton talk

May 12, 2022 14:00

Threat Source newsletter (May 12, 2022) — Mandatory MFA adoption is great, but is it too late?

Welcome to this week’s edition of the Threat Source newsletter. Mandatory multi-factor authentication is all the rage nowadays. GitHub just announced that all contributors would have to enroll in MFA by 2023 to log into their accounts. And Google announced as part of World Passw

May 12, 2022 08:00

Vulnerability Spotlight: How an attacker could chain several vulnerabilities in an industrial wireless router to gain root access

Cisco Talos recently discovered several vulnerabilities in InHand Networks’ InRouter302 that could allow an attacker to escalate their privileges on the targeted device from a non-privileged user to a privileged one. There are also multiple vulnerabilities that could allow an adv

May 11, 2022 10:07

The BlackByte ransomware group is striking users all over the globe

News summary

* Cisco Talos has been monitoring the BlackByte Ransomware Group for several months, infecting victims all over the world, from North America to Colombia, Netherlands, China, Mexico and Vietnam.
* The FBI released a joint cybersecurity advisory in February 2022 wa

May 11, 2022 08:00

Bitter APT adds Bangladesh to their targets

* Cisco Talos has observed an ongoing malicious campaign since August 2021 from the Bitter APT group that appears to target users in Bangladesh, a change from the attackers' usual victims.
* As part of this, there's a new trojan based on Apost Talos is calling "Zxx

May 10, 2022 15:32

Threat Advisory: Critical F5 BIG-IP Vulnerability

Summary

A recently disclosed vulnerability in F5 Networks' BIG-IP could allow an unauthenticated attacker to access the BIG-IP system to execute arbitrary system commands, create and delete files, disable services and could lead to additional malicious activity. This vulner

May 10, 2022 15:31

Microsoft Patch Tuesday for May 2022 — Snort rules and prominent vulnerabilities

Microsoft returned to its normal monthly patching volume in May, disclosing and fixing 74 vulnerabilities as part of the company’s latest security update. This month’s Patch Tuesday includes seven critical vulnerabilities after Microsoft disclosed more than 140 security issues in

May 10, 2022 10:20

Vulnerability Spotlight: Vulnerability in Alyac antivirus program could stop virus scanning, cause denial of service

Jaewon Min of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered an out-of-bounds read vulnerability in ESTsecurity Corp.’s Alyac antivirus software that could cause a denial-of-service condition. If successful, an attacker could trigger this vuln