Current executive guidance for ongoing cyberattacks in Ukraine
Cyber threat activity against Ukraine, and around the world, has long been a central focus of our work. We continue to monitor the Ukraine-Russia situation by enacting a comprehensive, Talos-wide effort to p
Threat Roundup for February 25 to March 4
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Feb. 25 and March 4. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting k
Crowd-sourced attacks present new risk of crisis escalation
* An unpredictable and largely unknown set of actors present a threat to organizations, despite their sometimes unsophisticated techniques. Customers who are typically focused on top-tier, state-sponsored attacks should remain awa
Talos on the developing situation in Ukraine
In the last month, Talos has seen a shift in activity in response to the unjust invasion of Ukraine. This post is meant to serve as our executive overview of the situation and provide you with the most up-to
Threat Advisory: Cyclops Blink
Update Mar. 17, 2022 Today, Asus released a product security advisory listing their products affected by Cyclops Blink. While the investigation is currently ongoing, this advisory provides guidance on taking necessary precautions via a checklist for the affected product versions
Threat Advisory: HermeticWiper
Update: March 1, 2022 Cisco Talos is aware of reporting related to additional components discovered to be associated with ongoing HermeticWiper attacks. These additional components include: * HermeticWiz
Vulnerability Spotlight: Vulnerabilities in Gerbv could lead to code execution, information disclosure
Claudio Bozzato of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered multiple vulnerabilities in the Gerbv file viewing software that could allow an attacker to execute arbitrary remote code or disclose sensitive information. Gerbv is an open-source
Vulnerability Spotlight: Vulnerabilities in Lansweeper could lead to JavaScript, SQL injections
Marcin “Icewall” Noga of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered multiple vulnerabilities in the Lansweeper IT asset management solution that could allow an attacker to inject JavaScript or SQL code on the targeted device. Lansweeper gather
Threat Roundup for February 18 to February 25
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Feb. 18 and Feb. 25. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting k