Threat Source newsletter (March 24, 2022) — Of course the deepfake videos are here
Welcome to this week’s edition of the Threat Source newsletter. The war in Ukraine has involved misinformation since before Russia’s ground forces invaded the country. So, it’s not really a shock that we’ve reached the stage of information warfare where deepfake videos are invol
Threat Advisory: DoubleZero
The Computer Emergency Response Team of Ukraine released an advisory on March 22, 2022 disclosing another wiper dubbed "DoubleZero" targeting Ukrainian enterprises during Russia's invasion of the co
Vulnerability Spotlight: Heap overflow in Sound Exchange libsox library
Lilith >_> of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered an exploitable heap-based buffer overflow vulnerability in the sphere.c start_read() functionality of Sound Exchange libsox. The libsox library is a library of sound sample file fo
On the Radar: Securing Web 3.0, the Metaverse and beyond
Internet technology evolves rapidly, and the World Wide Web (WWW or Web) is currently experiencing a transition into what many are calling "Web 3.0". Web 3.0 is a nebulous term. If you spend enough time Googling it, you'll find many interpretations regarding what We
Threat Roundup for March 11 to March 18
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between March 11 and March 18. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting
Threat Source newsletter (March 17, 2022) — Channelling productive worry to help Ukraine
Welcome to this week’s edition of the Threat Source newsletter. Cisco Talos continues to be heads-down working on the current Ukraine situation. This is incredibly difficult for everyone across the globe, especially for those directly affected. But that doesn’t mean those of us w
From BlackMatter to BlackCat: Analyzing two attacks from one affiliate
* BlackCat is a recent and growing ransomware-as-a-service (RaaS) group that targeted several organizations worldwide over the past few months.
* There are rumors of a relationship between BlackCat and the BlackMatter/DarkSide ransomware groups, infamous for attacking the Colon
Preparing for denial-of-service attacks with Talos Incident Response
Over the years, several extortion-style and politically motivated denial-of-service attacks increased and still pose a threat to businesses and organizations of any size that can find themselves in the crosshairs of various malicious campaigns. A detailed preparation plan is nee
Threat Advisory: CaddyWiper
Cybersecurity company ESET disclosed another Ukraine-focused wiper dubbed "CaddyWiper" on March 14. This wiper is relatively smaller than previous wiper attacks we've seen in Ukraine