Cisco Talos (@TalosSecurity@mstdn.social)

Cisco TalosComing soon...👀

Cisco TalosCisco Talos discovered a malicious campaign we track under the UAT-5918 umbrella that has been active since at least 2023 targeting critical infrastructure entities in Taiwan. Read the full blog to learn more: <a href="https://blog.talosintelligence.com/uat-5918-targets-critical-infra-in-taiwan/" target="_blank" rel="nofollow noopener noreferrer" translate="no">https://blog.talosintelligence.com/uat-5918-targets-critical-infra-in-taiwan/</a>

Cisco TalosCisco Talos’ Vulnerability Discovery & Research team recently disclosed two vulnerabilities in ClearML and four vulnerabilities in Nvidia. Read the latest blog to learn more: <a href="https://blog.talosintelligence.com/clearml-and-nvidia-vulns/" target="_blank" rel="nofollow noopener noreferrer" translate="no">https://blog.talosintelligence.com/clearml-and-nvidia-vulns/</a>

Cisco TalosDon't miss the latest Vulnerability Roundup covering Talos’ Vulnerability Research team recently disclosed vulnerabilities in Observium, Offis, and Whatsup Gold. Read the blog here: <a href="https://blog.talosintelligence.com/whatsup-gold-observium-offis-vulnerabilities/" target="_blank" rel="nofollow noopener noreferrer" translate="no">https://blog.talosintelligence.com/whatsup-gold-observium-offis-vulnerabilities/</a>

Cisco TalosThe Talos Incident Response Quarterly Trends report for Q4 2024 is out now! The report covers web shell usage and a spike in the exploitation of public-facing applications. Read the full findings here: <a href="https://blog.talosintelligence.com/talos-ir-trends-q4-2024/" target="_blank" rel="nofollow noopener noreferrer" translate="no">https://blog.talosintelligence.com/talos-ir-trends-q4-2024/</a>

Cisco TalosCisco Talos discovered an ongoing malicious campaign operated by a financially motivated threat actor targeting users, predominantly in Poland and Germany. Read the blog on the new TorNet backdoor here: <a href="https://blog.talosintelligence.com/new-tornet-backdoor-campaign/" target="_blank" rel="nofollow noopener noreferrer" translate="no">https://blog.talosintelligence.com/new-tornet-backdoor-campaign/</a>

Cisco TalosCisco Talos has observed an increase in the number of email threats leveraging hidden text salting, a simple yet effective technique for bypassing email parsers, confusing spam filters, and evading detection engines that rely on keywords. Read our latest blog to learn more: <a href="https://blog.talosintelligence.com/seasoning-email-threats-with-hidden-text-salting/" target="_blank" rel="nofollow noopener noreferrer" translate="no">https://blog.talosintelligence.com/seasoning-email-threats-with-hidden-text-salting/</a>

Cisco TalosCisco Talos’ Vulnerability Research team recently disclosed three out-of-bounds read vulnerabilities in Adobe Acrobat Reader, and two use-after-free vulnerabilities in Foxit Reader. Read the latest round-up here: <a href="https://blog.talosintelligence.com/acrobat-out-of-bounds-and-foxit-use-after-free-pdf-reader-vulnerabilities-found/" target="_blank" rel="nofollow noopener noreferrer" translate="no">https://blog.talosintelligence.com/acrobat-out-of-bounds-and-foxit-use-after-free-pdf-reader-vulnerabilities-found/</a>

Cisco TalosCisco Talos' Vulnerability Research team recently discovered two vulnerabilities in MC Technologies LR Router and three vulnerabilities in the GoCast service. Read the latest in the Vulnerability Roundup: <a href="https://blog.talosintelligence.com/mc-lr-router-and-gocast-zero-day-vulnerabilities-2/" target="_blank" rel="nofollow noopener noreferrer" translate="no">https://blog.talosintelligence.com/mc-lr-router-and-gocast-zero-day-vulnerabilities-2/</a>

Cisco TalosWe're deep diving on vulnerabilities in ClipSp, the driver at the core of Windows' Client License Platform. Read the latest research here: <a href="https://blog.talosintelligence.com/finding-vulnerabilities-in-clipsp-the-driver-at-the-core-of-windows-client-license-platform/" target="_blank" rel="nofollow noopener noreferrer" translate="no">https://blog.talosintelligence.com/finding-vulnerabilities-in-clipsp-the-driver-at-the-core-of-windows-client-license-platform/</a>

Cisco TalosA new variant of the <a href="https://mstdn.social/tags/MedusaLocker" class="mention hashtag" rel="tag">#MedusaLocker</a> <a href="https://mstdn.social/tags/ransomware" class="mention hashtag" rel="tag">#ransomware</a> has been in circulation since 2022. Find out what's distinct, and not, about "BabyLockerKZ" <a href="https://blog.talosintelligence.com/threat-actor-believed-to-be-spreading-new-medusalocker-variant-since-2022/" target="_blank" rel="nofollow noopener noreferrer" translate="no">https://blog.talosintelligence.com/threat-actor-believed-to-be-spreading-new-medusalocker-variant-since-2022/</a>

Cisco TalosHow threat actors are using a legitimate Red Teaming tool to build new malicious payloads that execute malicious <a href="https://mstdn.social/tags/Microsoft" class="mention hashtag" rel="tag">#Microsoft</a> <a href="https://mstdn.social/tags/Office" class="mention hashtag" rel="tag">#Office</a> macros <a href="https://blog.talosintelligence.com/threat-actors-using-macropack/" target="_blank" rel="nofollow noopener noreferrer" translate="no">https://blog.talosintelligence.com/threat-actors-using-macropack/</a>

Cisco TalosCisco Talos Incident Response is now available to all <a href="https://mstdn.social/tags/Splunk" class="mention hashtag" rel="tag">#Splunk</a> customers! Learn how Talos IR can help you assess, strengthen and evolve your cybersecurity program and make sure your systems are resilient against the worst-case scenarios <a href="http://cs.co/6017YdCpd" target="_blank" rel="nofollow noopener noreferrer" translate="no">http://cs.co/6017YdCpd</a>

Cisco TalosAPT41, a Chinese state-sponsored actor, likely compromised Taiwanese government-affiliated research institute with ShadowPad and Cobalt Strike <a href="https://blog.talosintelligence.com/chinese-hacking-group-apt41-compromised-taiwanese-government-affiliated-research-institute-with-shadowpad-and-cobaltstrike-2/" target="_blank" rel="nofollow noopener noreferrer" translate="no">https://blog.talosintelligence.com/chinese-hacking-group-apt41-compromised-taiwanese-government-affiliated-research-institute-with-shadowpad-and-cobaltstrike-2/</a>

Cisco TalosWant to know the ins and outs of how we craft detection for our customers? Our new blog series covers the technical research that goes into each and every @snort rule, IP block and more. First up, we're covering the <a href="https://mstdn.social/tags/NetSupport" class="mention hashtag" rel="tag">#NetSupport</a> RAT <a href="https://blog.talosintelligence.com/detecting-evolving-threats-netsupport-rat/" target="_blank" rel="nofollow noopener noreferrer" translate="no">https://blog.talosintelligence.com/detecting-evolving-threats-netsupport-rat/</a>

Cisco TalosWant to know what Talos Incident Response is seeing in the field? Read our latest Quarterly Trends report, which includes the top <a href="https://mstdn.social/tags/malware" class="mention hashtag" rel="tag">#malware</a>, TTPs and vulnerabilities adversaries used <a href="https://blog.talosintelligence.com/ir-trends-ransomware-on-the-rise-q2-2024/" target="_blank" rel="nofollow noopener noreferrer" translate="no">https://blog.talosintelligence.com/ir-trends-ransomware-on-the-rise-q2-2024/</a>

Cisco TalosVulnerability Deep Dive: Multiple vulnerabilities in TP-Link Omada system could lead to root access <a href="https://blog.talosintelligence.com/multiple-vulnerabilities-in-tp-link-omada-system/" target="_blank" rel="nofollow noopener noreferrer" translate="no">https://blog.talosintelligence.com/multiple-vulnerabilities-in-tp-link-omada-system/</a>

Cisco TalosWe have new research live on our blog this morning regarding a Chinese-speaking threat actor that's already targeted more than a dozen government agencies across the globe. <a href="http://cs.co/6041grLPL" target="_blank" rel="nofollow noopener noreferrer" translate="no">http://cs.co/6041grLPL</a>And if you'd like to learn more about the primary remote access trojan this group uses, we have new information on the "SpiceRAT" hashtag#malware here <a href="http://cs.co/6042grLP0" target="_blank" rel="nofollow noopener noreferrer" translate="no">http://cs.co/6042grLP0</a>

Cisco TalosHow, exactly, are adversaries trying to bypass multi-factor authentication? We have new data that shows the exact tactics they're deploying and the tricks that most often get users to accept malicious or erroneous login notifications <a href="https://blog.talosintelligence.com/how-are-attackers-trying-to-bypass-mfa/" target="_blank" rel="nofollow noopener noreferrer" translate="no">https://blog.talosintelligence.com/how-are-attackers-trying-to-bypass-mfa/</a>

Cisco TalosA nexus of <a href="https://mstdn.social/tags/Pakistani" class="mention hashtag" rel="tag">#Pakistani</a> threat actors is behind a new series of cyber attacks called <a href="https://mstdn.social/tags/OperationCelestialForce" class="mention hashtag" rel="tag">#OperationCelestialForce</a>. Learn more about this threat and the <a href="https://mstdn.social/tags/malware" class="mention hashtag" rel="tag">#malware</a> loaders they use <a href="https://blog.talosintelligence.com/cosmic-leopard/" target="_blank" rel="nofollow noopener noreferrer" translate="no">https://blog.talosintelligence.com/cosmic-leopard/</a>

Recent searches

Search options

Administered by:

Server stats:

Cisco Talos@TalosSecurity@mstdn.social