Blog
Recent
February 22, 2022 08:00

Time to secure hybrid work for 2022, not 2002

Editor’s note: This post is the first in a new series from Talos looking at high-level topics across the cybersecurity space. Our researchers rely on years of expertise, data, and tremendous visibility; applying what we can learn from history, research, and analysis to nascent se

February 18, 2022 17:33

Threat Roundup for February 11 to February 18

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Feb. 11 and Feb. 18. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting k

February 16, 2022 14:09

Vulnerability Spotlight: Vulnerability in Hancom Office could lead to memory corruption, code execution

Marcin “Icewall” Noga of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered a vulnerability in Hancom Office — a popular software suite in South Korea — that could allow an attacker to corrupt memory on the targeted machine or execute remote code. Han

February 11, 2022 16:22

Vulnerability Spotlight: Vulnerabilities in Moxa MXView could allow attacker to view sensitive information, bypass login

Patrick DeSantis of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered two vulnerabilities in Moxa's MXview network management software that could allow an attacker to view sensitive data or bypass the need to log into the device. MXview is design

February 11, 2022 14:28

Threat Roundup for February 4 to February 11

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Feb. 4 and Feb. 11. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting ke

February 11, 2022 12:07

Beers with Talos, Ep. #116: Let's wade into the MuddyWater filled with Vipers

Beers with Talos (BWT) Podcast episode No. 116 is now available. Download this episode and subscribe to Beers with Talos:

* Apple Podcasts
* Google Podcasts
* Spotify
* Stitcher

Recorded Feb. 4, 2022. If iTunes and Google Play aren't your thing, click here. Most peopl

February 9, 2022 08:05

What’s with the shared VBA code between Transparent Tribe and other threat actors?

Recently, we've been researching several threat actors operating in South Asia: Transparent Tribe, SideCopy, etc., that deploy a range of remote access trojans (RATs). After a hunting session in our malware sample repositories and VirusTotal while looking into these actors, w

February 8, 2022 13:57

Microsoft Patch Tuesday for Feb. 2022 — Snort rules and prominent vulnerabilities

Microsoft released its monthly security update Tuesday, disclosing 51 vulnerabilities across its large collection of hardware and software. None of the vulnerabilities disclosed this month are considered “critical,” an extreme rarity for the company’s Patch Tuesdays. Additionall

February 7, 2022 09:51

Vulnerability Spotlight: Use-after-free in Google Chrome could lead to code execution

Marcin Towalski of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered an exploitable use-after-free vulnerability in Google Chrome. Google Chrome is a cross-platform web browser — and Chromium is the open-source version of the browser that other software