Latest News

The Ksenia home automation and burglar alarm system has a security flaw where the PIN required to disable the alarm is exposed in the 'basisInfo' XML file after initial authentication, allowing attackers who gain access to this file to bypass security measures. This design flaw enables unauthorized individuals to both disable the alarm system and manipulate smart home devices by simply retrieving the PIN from the server response, effectively rendering the security system useless since the supposedly secret PIN is easily obtainable once an attacker reaches the authenticated state. The system should never expose sensitive codes in API responses and should implement proper multi-factor authentication for critical functions like alarm deactivation.

Input passed via the 'redirectPage' GET parameter in 'cmdOk.xml' script is not properly verified before being used to redirect users. This can be exploited to redirect an authenticating user to an arbitrary website e.g. when a user clicks a specially crafted link to the affected script hosted on a trusted domain.

Ksenia Lares uses a weak set of default administrative credentials that can be found and used to gain full control of the system.

Every week, someone somewhere slips up—and threat actors slip in. A misconfigured setting, an overlooked vulnerability, or a too-convenient cloud tool becomes the perfect entry point. But what happens when the hunters become the hunted? Or when old malware resurfaces with new tricks? Step behind the curtain with us this week as we explore breaches born from routine oversights—and the unexpected

In this podcast, Joe, Hazel, Bill and Dave break down Talos' Year in Review 2024 and discuss how and why cybercriminals have been leaning so heavily on attacks that are routed in stealth in simplicity.

If you're using AWS, it's easy to assume your cloud security is handled - but that's a dangerous misconception. AWS secures its own infrastructure, but security within a cloud environment remains the customer’s responsibility. Think of AWS security like protecting a building: AWS provides strong walls and a solid roof, but it's up to the customer to handle the locks, install the alarm systems,

An unsecured database used by a generative AI app revealed prompts and tens of thousands of explicit images—some of which are likely illegal. The company deleted its websites after WIRED reached out.

Download Talos' 2024 Year in Review now, and access key insights on the top targeted vulnerabilities of the year, network-based attacks, email threats, adversary toolsets, identity attacks, multi-factor authentication (MFA) abuse, ransomware and AI-based attacks.

Entities in Ukraine have been targeted as part of a phishing campaign designed to distribute a remote access trojan called Remcos RAT. "The file names use Russian words related to the movement of troops in Ukraine as a lure," Cisco Talos researcher Guilherme Venere said in a report published last week. "The PowerShell downloader contacts geo-fenced servers located in Russia and Germany to

A list of topics we covered in the week of March 24 to March 30 of 2025