Although considered of moderate risk, one of the vulnerabilities is being actively exploited in the wild — CVE-2024-21351, a security feature bypass vulnerability in Windows SmartScreen. This article has been indexed from Cisco Talos Blog Read the original article: First…
Tag: Cisco Talos Blog
Spyware isn’t going anywhere, and neither are its tactics
For their part, the U.S. did roll out new restrictions on the visas of any foreign individuals who misuse commercial spyware. This article has been indexed from Cisco Talos Blog Read the original article: Spyware isn’t going anywhere, and neither…
New Zardoor backdoor used in long-term cyber espionage operation targeting an Islamic organization
Talos discovered a new, stealthy espionage campaign that has likely persisted since at least March 2021. The observed activity affects an Islamic non-profit organization using backdoors for a previously unreported malware family we have named “Zardoor.” This article has been…
New Zardoor backdoor used in long-term cyber espionage operation targeting Islamic organization
Talos discovered a new, stealthy espionage campaign that has likely persisted since at least March 2021. The observed activity affects an Islamic non-profit organization using backdoors for a previously unreported malware family we have named “Zardoor.” This article has been…
How are user credentials stolen and used by threat actors?
You’ve probably heard the phrase, “Attackers don’t hack anyone these days. They log on.” In this blog, we describe the various tools and techniques bad actors are using to steal credentials so they can ‘log on’ with valid account details,…
The many ways electric cars are vulnerable to hacks, and whether that matters in a real-world
Researchers recently discovered 49 zero-day vulnerabilities, including a two-vulnerability exploit chain in Tesla cars that could allow an attacker to take over the onboard infotainment system. This article has been indexed from Cisco Talos Blog Read the original article: The…
OAS Engine Deep Dive: Abusing low-impact vulnerabilities to escalate privileges
Open Automation Software recently released patches for multiple vulnerabilities in their OAS Engine. Cisco Talos publicly disclosed these issues after working with Open Automation Software to ensure that patches were available for users. Now that a fix has been released…
Why is the cost of cyber insurance rising?
Cyber insurance premiums are expected to rise this year after leveling out in 2023. This article has been indexed from Cisco Talos Blog Read the original article: Why is the cost of cyber insurance rising?
Significant increase in ransomware activity found in Talos IR engagements, while education remains one of the most-targeted sectors
Talos IR observed operations involving Play, Cactus, BlackSuit and NoEscape ransomware for the first time this quarter. This article has been indexed from Cisco Talos Blog Read the original article: Significant increase in ransomware activity found in Talos IR engagements,…
What to do with that fancy new internet-connected device you got as a holiday gift
There are many examples of WiFi-enabled home cameras, assistants and doorbells vulnerable to a wide range of security issues. This article has been indexed from Cisco Talos Blog Read the original article: What to do with that fancy new internet-connected…