Threat Roundup for April 15 to April 22
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between April 15 and April 22. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting
Threat Source newsletter (April 21, 2022) — Sideloading apps is as safe as you make it
Welcome to this week’s edition of the Threat Source newsletter. If you pay attention to the video game community as much as I do, you’ve been closely following the ongoing legal battle between Apple and Epic over the sale of “Fortnite” on the Apple App Store. (I promise I won’t
Beers with Talos, Ep. #120: How attackers are finding ways around MFA
Beers with Talos (BWT) Podcast episode No. 120 is now available. Download this episode and subscribe to Beers with Talos: * Apple Podcasts * Google Podcasts * Spotify * Stitcher Recorded April 6, 2022 If iTunes and Google Play aren't your thing, click here. The trend
TeamTNT Targeting AWS, Alibaba
By Darin Smith. * TeamTNT is actively modifying its scripts after they were made public by security researchers. * These scripts primarily target Amazon Web Services, but can also run in on-premise, container, or other forms of Linux instances. * The group's payloads inc
Threat Roundup for April 8 to April 15
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between April 8 and April 15. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting
Threat Source newsletter (April 14, 2022) — It's Tax Day, and you know what that means
Welcome to this week’s edition of the Threat Source newsletter. The deadline to file taxes in the United States is Monday. That means a few things: everyone should probably make sure their liquor cabinet is fully stocked, your spam filters are all turned on in your email and the
Threat Spotlight: "Haskers Gang" Introduces New ZingoStealer
Update (04/14/22): Following the initial publication of this blog, we observed a new post in the Haskers Gang Telegram channel announcing that ownership of the ZingoStealer project is being transferred to a new threat actor. We also observed the malware author offering to sell t
Microsoft Patch Tuesday includes most vulnerabilities since Sept. 2020
Microsoft released its latest security update Tuesday, disclosing more than 140 vulnerabilities across its array of products. This is a departure from past Patch Tuesdays this year, which have only featured a few dozen vulnerabilities, and is the largest amount of issues in a sin
Threat Roundup for April 1 to April 8
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between April 1 and April 8. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting k