TALOS

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between April 15 and April 22. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral... [[ This is only the beginning! Please visit the blog for the complete entry ]]

By Jon Munshaw.  Welcome to this week’s edition of the Threat Source newsletter.  If you pay attention to the video game community as much as I do, you’ve been closely following the ongoing legal battle between Apple and Epic over the sale of “Fortnite” on the Apple App Store. (I promise... [[ This is only the beginning! Please visit the blog for the complete entry ]]

By Darin Smith.TeamTNT is actively modifying its scripts after they were made public by security researchers.These scripts primarily target Amazon Web Services, but can also run in on-premise, container, or other forms of Linux instances.The group's payloads include credential stealers,... [[ This is only the beginning! Please visit the blog for the complete entry ]]

Beers with Talos (BWT) Podcast episode No. 120 is now available. Download this episode and subscribe to Beers with Talos: Apple Podcasts  Google Podcasts  Spotify  StitcherRecorded April 6, 2022 If iTunes and Google Play aren't your thing, click here. The trend of... [[ This is only the beginning! Please visit the blog for the complete entry ]]

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between April 8 and April 15. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,... [[ This is only the beginning! Please visit the blog for the complete entry ]]

Matt Wiseman discovered these vulnerabilities. Blog by Jon Munshaw.  Cisco Talos recently discovered multiple vulnerabilities in Lantronix’s PremierWave 2050, an embedded Wi-Fi module.  There are several vulnerabilities in PremierWave 2050’s Web Manager, a web-accessible application that... [[ This is only the beginning! Please visit the blog for the complete entry ]]

By Jung soo An and Asheer Malhotra, with contributions from Kendall McKay. Cisco Talos has observed a new malware campaign operated by the Kimsuky APT group since June 2021.Kimsuky, also known as Thallium and Black Banshee, is a North Korean state-sponsored advanced... [[ This is only the beginning! Please visit the blog for the complete entry ]]

By Jung soo An and Asheer Malhotra, with contributions from Kendall McKay. Cisco Talos has observed a new malware campaign operated by the Kimsuky APT group since June 2021.Kimsuky, also known as Thallium and Black Banshee, is a North Korean state-sponsored advanced... [[ This is only the beginning! Please visit the blog for the complete entry ]]

By Claudio Bozzato and Lilith [-_-];. Following our previous engagements (see blog posts 1, 2, 3 and 4) with Microsoft's Azure Sphere IoT platform, we decided to take another look at the device, without all the rush and commotion that normally entails a hacking challenge.  Today, we’re... [[ This is only the beginning! Please visit the blog for the complete entry ]]

By Jon Munshaw and Tiago Pereira.  Microsoft released its monthly security update Tuesday, disclosing 56 vulnerabilities in the company’s various software, hardware and firmware offerings, including one that’s actively being exploited in the wild.   November’s security update... [[ This is only the beginning! Please visit the blog for the complete entry ]]