Cisco Talos Blog

Recent
July 10, 2024 12:00

15 vulnerabilities discovered in software development kit for wireless routers

Talos researchers discovered these vulnerabilities in the Jungle SDK while researching other vulnerabilities in the LevelOne WBR-6013 wireless router.

July 10, 2024 08:00

Hidden between the tags: Insights into spammers’ evasion techniques in HTML Smuggling

Talos is releasing a new list of CyberChef recipes that enable faster and easier reversal of encoded JavaScript code contained in the observed HTML attachments.

July 10, 2024 06:00

Inside the ransomware playbook: Analyzing attack chains and mapping common TTPs

Based on a comprehensive review of more than a dozen prominent ransomware groups, we identified several commonalities in TTPs, along with several notable differences and outliers.

July 9, 2024 14:01

Largest Patch Tuesday in 3 months includes 5 critical vulnerabilities

This is the largest Patch Tuesday since April, when Microsoft patched 150 vulnerabilities.

July 9, 2024 08:00

How do cryptocurrency drainer phishing scams work?

In recent months, a surge in cryptodrainer phishing attacks has been observed, targeting cryptocurrency holders with sophisticated schemes aimed at tricking them into divulging their valuable credentials.

June 27, 2024 14:00

We’re not talking about cryptocurrency as much as we used to, but there are still plenty of scammers out there

A report in March found that 72% of cryptocurrency projects had died since 2020, with crypto trading platform FTX’s downfall taking out many of them in one fell swoop.

June 27, 2024 08:01

Snowflake isn’t an outlier, it’s the canary in the coal mine

By Nick Biasini with contributions from Kendall McKay and Guilherme Venere

Headlines continue to roll in about the many implications and follow-on attacks originating from leaked and/or stolen credentials for the Snowflake cloud data platform. Adversaries obtained stolen login

June 26, 2024 12:00

Multiple vulnerabilities in TP-Link Omada system could lead to root access

Affected devices could include wireless access points, routers, switches and VPNs.

June 21, 2024 08:00

Unveiling SpiceRAT: SneakyChef's latest tool targeting EMEA and Asia

The new remote access trojan (RAT) dubbed SpiceRAT was used by the threat actor SneakyChef in a recent campaign targeting government agencies in EMEA and Asia.