Exploring malicious Windows drivers (Part 1): Introduction to the kernel and drivers
Drivers have long been of interest to threat actors, whether they are exploiting vulnerable drivers or creating malicious ones. Malicious drivers are difficult to detect and successfully leveraging…
Tag: Cisco Talos Blog
Microsoft starts off new year with relatively light Patch Tuesday, no zero-days
One of the critical vulnerabilities patched Tuesday is CVE-2024-20674, a security bypass vulnerability in the Windows Kerberos authentication protocol. This article has been indexed from Cisco Talos Blog Read the original article: Microsoft starts off new year with relatively light…
New decryptor for Babuk Tortilla ransomware variant released
Cisco Talos obtained executable code capable of decrypting files affected by the Babuk Tortilla ransomware variant, allowing Talos to extract and share the private decryption key used by the threat actor.
Video series discussing the major threat actor trends from 2023
In this video series, Talos’ Director of Threat Intelligence and Interdiction Matt Olney and Head of Outreach Nick Biasini share their insights on the most significant cybersecurity threats from the past year.
Intellexa and Cytrox: From fixer-upper to Intel Agency-grade spyware
Talos revealed that rebooting an iOS or Android device may not remove the Predator spyware produced by Intellexa. Intellexa knows if their customers intend to perform surveillance operations on foreign soil.
Year in Malware 2023: Recapping the major cybersecurity stories of the past year
Relive Talos’ top stories from the past year as we recap the top malware and other threats that came our way.
A personal Year in Review to round out 2023
Everyone’s New Year’s Resolution should be to stop using passwords altogether.
Recommendations that defenders can use from Talos’ Year in Review Report
The 2023 Talos Year in Review is full of insights on how the threat landscape has evolved. But what does that mean for defenders? This blog contains recommendations on how to gain more visibility across your network.
Microsoft releases lightest Patch Tuesday in three years, no zero-days disclosed
The company’s regular set of advisories has included a vulnerability that’s been actively exploited in the wild in 10 months this year.
Operation Blacksmith: Lazarus targets organizations worldwide using novel Telegram-based malware written in DLang
By Jung soo An, Asheer Malhotra and Vitor Ventura. Cisco Talos recently discovered a new campaign conducted by the Lazarus Group we’re calling “Operation Blacksmith,” employing at least three new DLang-based malware families, two of which are remote access trojans…