The decision between immediate action and delayed response made the difference between ransomware prevention and complete encryption in these two real-world Talos IR engagements.

Talos IR ransomware engagements and the significance of timeliness in incident response

Millions of people are accessing harmful AI “nudify” websites. New analysis says the sites are making millions and rely on tech from US companies.

For years, so-called “nudify” apps and websites have mushroomed online, allowing people to create nonconsensual and abusive images of women and girls, including child sexual abuse material. Despite some lawmakers and tech companies taking steps to limit the harmful services, every month, millions of people are still accessing the websites, and the sites’ creators may be making millions of dollars each year, new research suggests.

An analysis of 85 nudify and “undress” websites—which allow people to upload photos and use AI to generate “nude” pictures of the subjects with just a few clicks—has found that most of the sites rely on tech services from Google, Amazon, and Cloudflare to operate and stay online. The findings, revealed by Indicator, a publication investigating digital deception, say that the websites had a combined average of 18.5 million visitors for each of the past six months and collectively may be making up to $36 million per year.

Alexios Mantzarlis, a cofounder of Indicator and an online safety researcher, says the murky nudifier ecosystem has become a “lucrative business” that “Silicon Valley’s laissez-faire approach to generative AI” has allowed to persist. “They should have ceased providing any and all services to AI nudifiers when it was clear that their only use case was sexual harassment,” Mantzarlis says of tech companies. It is increasingly becoming illegal to create or share explicit deepfakes.

According to the research, Amazon and Cloudflare provide hosting or content delivery services for 62 of the 85 websites, while Google’s sign-on system has been used on 54 of the websites. The nudify websites also use a host of other services, such as payment systems, provided by mainstream companies.

Amazon Web Services spokesperson Ryan Walsh says AWS has clear terms of service that require customers to follow “applicable” laws. “When we receive reports of potential violations of our terms, we act quickly to review and take steps to disable prohibited content,” Walsh says, adding that people can report issues to its safety teams.

“Some of these sites violate our terms, and our teams are taking action to address these violations, as well as working on longer-term solutions,” Google spokesperson Karl Ryan says, pointing out that Google’s sign-in system requires developers to agree to its policies that prohibit illegal content and content that harasses others.

Cloudflare had not responded to WIRED’s request for comment at the time of writing. WIRED is not naming the nudifier websites in this story, as not to provide them with further exposure.

Nudify and undress websites and bots have flourished since 2019, after originally spawning from the tools and processes used to create the first explicit “deepfakes.” Networks of interconnected companies, as Bellingcat has reported, have appeared online offering the technology and making money from the systems.

Broadly, the services use AI to transform photos into nonconsensual explicit imagery; they often make money by selling “credits” or subscriptions that can be used to generate photos. They have been supercharged by the wave of generative AI image generators that have appeared in the past few years. Their output is hugely damaging. Social media photos have been stolen and used to create abusive images; meanwhile, in a new form of cyberbullying and abuse, teenage boys around the world have created images of their classmates. Such intimate image abuse is harrowing for victims, and images can be difficult to scrub from the web.

Using various open source tools and data, including website analysis tool Built With, Indicator staff and investigative researcher Santiago Lakatos looked into the infrastructure and systems powering 85 nudifier websites. Content delivery networks, hosting services, domain name companies, and webmaster services are all provided by a mixture of some of the biggest tech companies, plus some smaller businesses.

Based on calculations combining subscription costs, estimated customer conversion rates, and web traffic the sites sent to payment providers, the researchers estimate that 18 of the websites made between $2.6 million and $18.4 million in the past six months, which could equate to around $36 million a year. (They note this is likely a conservative estimate, as it doesn’t incorporate all the websites and transactions that take place away from the websites, such as those on Telegram.) Recently, whistleblower and leaked data reported on by German media outlet Der Spiegel indicated one prominent website may have a multimillion-dollar budget. Another website has claimed to have made millions.

Of the 10 most-visited sites, the research says, the most visitors came from the United States—India, Brazil, Mexico, and Germany make up the rest of the top five countries where people accessed the sites. While search engines direct people to nudify websites, the sites have increasingly received visitors from other online sources. Nudifiers have become so popular that Russian hackers have created fake malware-laced versions. Over the past year, 404 Media has reported one site making sponsored videos with adult entertainers, and the websites have also increasingly used paid affiliate and referral programs.

“Our analysis of the nudifiers’ behavior strongly indicates their desire to build and entrench themselves in a niche of the adult industry,” Lakatos says. “They will likely continue to try to intermingle their operations into the adult content space, a trend that needs to be countered by mainstream tech companies and the adult industry as well.”

Many of the problems of tech companies allowing nudify platforms to use their systems are well-known. For years, tech journalists have reported on how the deepfake economy has used mainstream payment services, social media advertisements, search engine exposure, and technology from big companies to operate. Yet little comprehensive action has been taken.

“Since 2019, nudification apps have moved from a handful of low-quality side projects to a cottage industry of professionalized illicit businesses with millions of users,” says Henry Ajder, an expert on AI and deepfakes who first uncovered growth in the nudification ecosystem in 2020. “Only when businesses like these who facilitate nudification apps’ ‘perverse customer journey' take targeted action will we start to see meaningful progress in making these apps harder to access and profit from.”

There are signs the nudify websites are updating their tactics and approaches to try to avoid any potential crackdowns or evade bans. Last year, WIRED reported on how nudify websites used single sign-on systems from Google, Apple, and Discord to allow people to quickly create accounts. Many of the developer accounts were disabled following the reporting. The Indicator says that on 54 of the 85 websites, however, Google’s simple sign-in system is being used, and the website creators have taken steps to evade detection by Google. They would, the report says, use an “intermediary site” to “pose as a different URL for the registration.”

While tech companies and regulators have taken a glacial approach to tackling abusive deepfakes since they first emerged more than a decade ago, there has been some recent movement. San Francisco’s city attorney has sued 16 nonconsensual-image-generation services, Microsoft has identified developers behind celebrity deepfakes, and Meta has filed a lawsuit against a company allegedly behind a nudify app that, Meta says, repeatedly posted ads on its platform. Meanwhile, the controversial Take It Down Act, which US president Donald Trump signed into law in May, has put requirements on tech companies to remove nonconsensual image abuse quickly, and the UK government is making it illegal to create explicit deepfakes.

The moves may chip away at some nudifier and undress services, but more comprehensive crackdowns are needed to slow the burgeoning harmful industry. Mantzarlis says that if tech companies are more proactive and stricter in enforcing their policies, nudifiers’ ability to flourish will diminish. “Yes, this stuff will migrate to less regulated corners of the internet—but let it,” Mantzarlis says. “If websites are harder to discover, access, and use, their audience and revenue will shrink. Unfortunately, this toxic gift of the generative AI era cannot be returned. But it can certainly be drastically reduced in scope.”

AI 'Nudify' Websites Are Raking in Millions of Dollars

Thorsten takes stock of a rapidly evolving vulnerability landscape: record-setting CVE publication rates, the growing fragmentation of reporting systems, and why consistent tracking and patching remain critical as we move through 2025.

Thursday, July 10, 2025 14:00

Welcome to this week’s edition of the Threat Source newsletter.

We’ve made it halfway through 2025 already! It’s been a while since I last wrote about CVEs and how free support for Windows 10 will end on October 14, 2025, leaving you with no more security fixes.

While the CVE system remains the global standard for vulnerability reporting, recent developments have sparked concerns within the community about its long-term stability. Currently, the program operates solely as a U.S. government-funded initiative. Following the last-minute funding extension, we’re now seeing competing ideas and projects emerging. Whether it’s the CVE Foundation working to transition from a single funding stream to a diversified and stable model, ENISA’s EUVD, or the Global CVE Allocation System (GCVE), the landscape is changing.

On one hand, a multi-source environment enhances availability and resilience. On the other, this fragmentation raises practical concerns for both researchers and practitioners. We now face questions like “Where should I report a vulnerability?” and “How do I integrate and correlate vulnerability data across multiple sources with multiple identifiers?”

Looking back at the first six months of this year, we see that the rapid pace of CVE publications in 2024 has continued into 2025, with no signs of slowing down. In fact, the current trend suggests that 2025 will surpass last year’s total of a little more than 40,000 CVEs. To illustrate: the first half of 2024 saw an average of 113 CVEs published per day, whereas the first half of 2025 is running at a rate of 131 CVEs per day.

What concerns me even more is the steep increase in Known Exploited Vulnerabilities (KEVs). It wasn’t just the spike in March — we’re seeing a generally sharper rise overall.

Vendor diversity also continues to expand, increasing from 45 vendors during the first half of last year to 61 so far this year. Additionally, the proportion of KEVs affecting network-related gear has grown from 22.5% in 2024 to 25% in 2025.

But there’s a small piece of good news: So far, I haven’t seen any CVEs from as far back as 2012 being added to the KEV catalogue like we saw last year. This time, the oldest additions “only” go back to 2017.

Keep in mind that the CVE year merely indicates when a vulnerability was reserved or assigned. The vulnerability itself may have existed for many years prior. For example, the recent sudo/chroot issue remained undiscovered for over 12 years. 

In a nutshell: Keep tracking, keep patching. Vulnerabilities certainly won’t patch themselves.

**The one big thing **

Microsoft’s July 2025 security update addresses 132 vulnerabilities, including 14 marked as “critical,” with several remote code execution (RCE) issues affecting Windows, Office, SharePoint and Hyper-V. Although none have been exploited in the wild yet, some vulnerabilities — like those in SharePoint and SPNEGO NEGOEX — are more likely to be targeted and could allow attackers to execute code remotely or locally.

**Why do I care? **

These vulnerabilities could let attackers take control of your systems, steal information or disrupt business operations, even if you haven’t seen any attacks yet. If you’re running Windows servers, SharePoint or Microsoft Office, your environment could be at risk, especially for organizations that rely on these products daily.

**So now what? **

Don’t wait. Make sure you’re applying Microsoft’s July patches as soon as possible. If you use Cisco Security Firewall or SNORT®, update your rulesets to the latest versions to maximize your protection.

**Top security headlines of the week **

**Alleged Chinese hacker tied to Silk Typhoon arrested for cyberespionage**  
A Chinese national was arrested in Milan, Italy for allegedly being linked to the state-sponsored Silk Typhoon hacking group, which is responsible for cyberattacks against U.S. organizations and government agencies. (Bleeping Computer) 

**Jailbreaking AI with information overload**   
Researchers say you can trick AI chatbots like ChatGPT or Gemini into teaching you how to make a bomb or hack an ATM if you make the question complicated, full of academic jargon, and cite sources that do not exist. (404 Media) 

**SatanLock is shutting down**  
The announcement that the group was closing its doors first came through its official Telegram channel and dark web leak site. Hunters International, another well-known ransomware group, also recently announced that it was shutting down its operations. (Dark Reading) 

**Ingram Micro scrambling to restore systems after ransomware attack**  
The IT distributor giant confirmed over the weekend that a ransomware attack was responsible for a widespread outage over its services, and they were forced to take certain systems offline on Friday afternoon, in response to the incident. (SecurityWeek) 

**Malicious Chrome extensions with 1.7M installs found on Web Store**  
Malicious extensions with 1.7 million downloads in Google's Chrome Web Store pose as legitimate tools but could track users, steal browser activity, and redirect to potentially unsafe web addresses. (Bleeping Computer)

**Can’t get enough Talos? **

**Scams, jailbreaks and poetic justice**  
In this episode of the TTP, Hazel Burton sits down with Talos' Jaeson Schultz to explore the underground world of criminal LLM abuse, from elaborate scams to role-playing jailbreak prompts designed to trick AI into ignoring its own rules.

**Vulnerability Roundup**  
Cisco Talos’ Vulnerability Discovery & Research team has disclosed and coordinated patches for two vulnerabilities each in Asus Armoury Crate and Adobe Acrobat.

**PDFs: Portable documents, or perfect deliveries for phish?**   
A popular social engineering technique returns: callback phishing, or TOAD attacks, which leverage PDFs, VoIP anonymity and even QR code tricks.

**Beers with Talos: Terms and conceptions may apply**   
In this episode, the crew reassembles after a totally intentional and not-at-all accidental hiatus. They cover AI-assisted IVF, a possible underground war against dairy, and the real heroes: conference dogs.

**Upcoming events where you can find Talos **

*   NIRMA (July 28 – 30) St. Augustine, FL 
*   Black Hat USA (Aug. 2 – 7) Las Vegas, NV

**Most prevalent malware files from Talos telemetry over the past week **

**SHA 256: a31f222fc283227f5e7988d1ad9c0aecd66d58bb7b4d8518ae23e110308dbf91**     
MD5: 7bdbd180c081fa63ca94f9c22c457376   
VirusTotal: https://www.virustotal.com/gui/file/a31f222fc283227f5e7988d1ad9c0aecd66d58bb7b4d8518ae23e110308dbf91/details   
Typical Filename: IMG001.exe   
Detection Name: Simple\_Custom\_Detection   

**SHA 256: 9f1f11a708d393e0a4109ae189bc64f1f3e312653dcf317a2bd406f18ffcc507**   
MD5: 2915b3f8b703eb744fc54c81f4a9c67f   
VirusTotal: https://www.virustotal.com/gui/file/9f1f11a708d393e0a4109ae189bc64f1f3e312653dcf317a2bd406f18ffcc507   
Typical Filename: VID001.exe   
Claimed Product: N/A   
Detection Name: Win.Worm.Coinminer::1201 

**SHA256: 47ecaab5cd6b26fe18d9759a9392bce81ba379817c53a3a468fe9060a076f8ca**    
MD5: 71fea034b422e4a17ebb06022532fdde    
VirusTotal: https://www.virustotal.com/gui/file/47ecaab5cd6b26fe18d9759a9392bce81ba379817c53a3a468fe9060a076f8ca/details   
Typical Filename: VID001.exe    
Claimed Product: N/A    
Detection Name: Coinminer:MBT.26mw.in14.Talos

Patch, track, repeat

Cisco Talos’ Vulnerability Discovery & Research team recently disclosed two vulnerabilities each in Asus Armoury Crate and Adobe Acrobat products.

Thursday, July 10, 2025 11:24

Cisco Talos’ Vulnerability Discovery & Research team recently disclosed two vulnerabilities each in Asus Armoury Crate and Adobe Acrobat products.  

The vulnerabilities mentioned in this blog post have been patched by their respective vendors, all in adherence to Cisco’s third-party vulnerability disclosure policy.    

For Snort coverage that can detect the exploitation of these vulnerabilities, download the latest rule sets from Snort.org, and our latest Vulnerability Advisories are always posted on Talos Intelligence’s website.     

**Asus Armoury Crate stack-based buffer overflow and authorization bypass  vulnerabilities**

_Discovered by Marcin &#39;Icewall&#39; Noga of Cisco Talos._   

These vulnerabilities were recently covered in a deep-dive post, Decrement by one to rule them all.

Asus Armoury Crate is a software utility used to manage Asus and ROG lighting, performance, and updates.

TALOS-2025-2144 (CVE-2025-1533) is a stack-based buffer overflow vulnerability in the AsIO3.sys kernel driver of Asus Armoury Crate 5.9.13.0. A specially crafted I/O request packet (IRP) can lead to stack-based buffer overflow. An unprivileged attacker can run a program from user mode to trigger this vulnerability.

TALOS-2025-2150 (CVE-2025-3464) is an authorization bypass vulnerability in the AsIO3.sys functionality of Asus Armoury Crate 5.9.13.0. A specially crafted hard link can lead to an authorization bypass. An attacker can create a hard link to trigger this vulnerability.

**Adobe Acrobat Reader out-of-bounds read and use-after-free vulnerabilities **

_Discovered by Kamlapati Choubey of Cisco Talos._   

Adobe Acrobat Reader is one of the most popular PDF reading software currently available. Talos found an out-of-bounds read vuln, TALOS-2025-2159 (CVE-2025-43578), in the Font functionality of Adobe Acrobat Reader 2025.001.20435. A specially crafted font file embedded into a PDF can trigger this vulnerability which can lead to disclosure of sensitive information.

TALOS-2025-2170 (CVE-2025-43576) is a use-after-free vulnerability in the annotation object processing functionality of Adobe Acrobat Reader 2025.001.20435. A specially crafted Javascript code inside a malicious PDF document can trigger reuse of a previously freed object, which can lead to memory corruption and could result in arbitrary code execution.

An attacker needs to trick the user into opening the malicious file to trigger either of these vulnerabilities.

Asus and Adobe vulnerabilities

Microsoft has released its monthly security update for July 2025, which includes 132 vulnerabilities affecting a range of products, including 14 that Microsoft marked as “critical.”

Tuesday, July 8, 2025 16:29

Microsoft has released its monthly security update for July 2025, which includes 132 vulnerabilities affecting a range of products, including 14 that Microsoft marked as “critical.”  

In this month's release, Microsoft observed none of the included vulnerabilities being actively exploited in the wild. Out of 14 "critical" entries, 11 are remote code execution (RCE) vulnerabilities in Microsoft Windows services and applications including KDC Proxy service, Microsoft Office and SharePoint server. 

CVE-2025-49735 is an RCE vulnerability in Windows KDC Proxy Service (KPSSVC) given a CVSS 3.1 score of 8.1. To successfully exploit this vulnerability, an unauthenticated attacker could use a specially-crafted application to leverage a cryptographic protocol vulnerability in KPSSVC to perform RCE against the target. Microsoft has noted that this vulnerability only affects Windows servers that are configured as a Kerberos key Distribution Center (KDC) Proxy Protocol server, and domain controllers are not affected. Microsoft assessed that the attack complexity is “high,” and exploitation is "more likely."  

CVE-2025-49704 is an RCE vulnerability in Microsoft SharePoint server given a CVSS 3.1 score of 7.7. Microsoft noted that this vulnerability in Microsoft Office SharePoint is due to improper control of generation of code (“code injection”) which would allow an authenticated attacker to execute code over a network. To exploit this vulnerability, an authenticated attacker in a network-based attack, with a minimum of Site Member permission, could execute arbitrary code remotely on the SharePoint server. Microsoft assessed that the attack complexity is “low,” and exploitation is “more likely."  

CVE-2025-49695, CVE-2025-49696, CVE-2025-49697, CVE-2025-49698, CVE-2025-49702 and CVE-2025-49703 are RCE vulnerabilities in Microsoft Office and Microsoft Word. The vulnerabilities CVE-2025-49695 and CVE-2025-49698 are "use after free” (UAF) vulnerabilities that occur when Microsoft Office tries to access memory that has already been freed. CVE-2025-49696 is an out-of-bounds read in Microsoft Office. Microsoft assessed that for CVE-2025-49695 and CVE-2025-49696, the attack complexity is "low," and exploitation is "more likely." For CVE-2025-49697, CVE-2025-49698, CVE-2025-49702 and CVE-2025-49703, the attack complexity is "low," and exploitation is "less likely."   

CVE-2025-48822 is an RCE vulnerability in Windows Hyper-V Discrete Device Assignment (DDA) given a CVSS 3.1 score of 8.6. This vulnerability is an out-of-bounds read in Hyper-V that could allow an unauthorized attacker to execute code locally. Microsoft assessed that the attack complexity is “low,” and exploitation is “less likely.” 

CVE-2025-47981is an RCE vulnerability in SPNEGO Extended Negotiation (NEGOEX) Security Mechanism given a CVSS 3.1 score of 9.8. This vulnerability is a heap-based buffer overflow that could allow an unauthorized attacker to execute code over a network. According to Microsoft, this vulnerability affects Windows client machines running Windows 10, version 1607 and above, due to the following GPO being enabled by default on these operating systems: "Network security: Allow PKU2U authentication requests to this computer to use online identities." Microsoft has assessed that the attack complexity is “low,” and exploitation is “more likely.”  

CVE-2025-49717 is an RCE vulnerability in Microsoft SQL Server, given a CVSS 3.1 score of 8.5. This vulnerability is a heap-based buffer overflow that could allow an unauthorized attacker to execute code over a network. However, Microsoft has assessed “exploitation unlikely”. 

The last critical vulnerability listed (CVE-2025-47980) is an information disclosure in Windows Imaging Component that, if exploited, could allow an attacker to read small portions of heap memory. Microsoft has assessed that the attack complexity is “low,” and exploitation is “less likely."   

Talos would also like to highlight the following "important" vulnerabilities as Microsoft has determined that their exploitation is "more likely:"  

*   CVE-2025-49701: Microsoft SharePoint Remote Code Execution Vulnerability 
*   CVE-2025-49724: Windows Connected Devices Platform Service Remote Code Execution Vulnerability 

A complete list of all the other vulnerabilities Microsoft disclosed this month is available on its update page.   

In response to these vulnerability disclosures, Talos is releasing a new Snort ruleset that detects attempts to exploit some of them. Please note that additional rules may be released at a future date, and current rules are subject to change pending additional information. Cisco Security Firewall customers should use the latest update to their ruleset by updating their SRU. Open-source Snort Subscriber Ruleset customers can stay up to date by downloading the latest rule pack available for purchase on Snort.org.   

Snort 2 rules included in this release that protect against the exploitation of many of these vulnerabilities are: 64435, 64436, 65092, 65096 – 65107, 65110 – 65113.  

The following Snort 3 rules are also available: 301114, 301268 – 301272.

Microsoft Patch Tuesday for July 2025 — Snort rules and prominent vulnerabilities

Cisco fixes critical root credential vulnerability in Unified CM rated CVSS 10 urging users to patch now to stop remote admin takeovers.

Cisco, a leading networking hardware company, has issued an urgent security alert and released updates to address a severe vulnerability in its Unified Communications Manager (Unified CM) and Unified Communications Manager Session Management Edition (Unified CM SME). This critical flaw, identified as CVE-2025-20309, carries the highest possible severity rating, a CVSS score of 10.0, indicating it can be easily exploited with devastating consequences.

****Understanding the Threat****

The vulnerability stems from “static user credentials for the root account that are reserved for use during development,” as stated by Cisco in its advisory. In simpler terms, these systems were shipped with a secret, unchanging username and password for a super-user account, known as the root user. A root user has complete control over a system, able to execute any command and access all files. Because these credentials are _static_, meaning they don’t change and cannot be deleted by users, so, they present a constant backdoor.

An attacker could use these hardcoded credentials to remotely log into an affected device without needing any prior authentication. Once logged in as the root user, they could gain full administrative privileges, allowing them to take complete control of the communication system. This could lead to a wide range of attacks, from disrupting services to stealing sensitive data or even using the compromised system to launch further attacks within a network.

****Affected Systems and Solutions****

The security flaw impacts Cisco Unified CM and Unified CM SME versions ranging from 15.0.1.13010-1 through 15.0.1.13017-1. More importantly, this vulnerability exists regardless of how the device is configured, making a broad range of systems potentially susceptible. While Cisco discovered the flaw through its own internal security testing and has not found any evidence of it being actively exploited in the wild, the extreme severity necessitates immediate action.

There are no temporary workarounds to mitigate this risk. Cisco has released software updates to fix the vulnerability, advising all affected customers to upgrade their systems without delay. Customers with service contracts can obtain these updates through their usual channels, while others can contact Cisco’s Technical Assistance Centre (TAC) for a free upgrade. It is crucial for organizations to apply these patches swiftly to protect their communication infrastructure from potential compromise.

“First and foremost, any organization using this platform needs to upgrade as soon as possible. Furthermore, they need to refer to the indicators of compromise details provided in the Cisco advisory and immediately enact their incident response processes,” said Ben Ronallo, Principal Cyber Security Engineer at Black Duck, a Burlington, Massachusetts-based provider of application security solutions.

“Because the credentials belong to a root (i.e., admin) account, the potential for malicious activity is significant. One plausible effect of this could be that an attacker is able to modify network routing for social engineering or data exfiltration purposes,” Ben warned.

Cisco Issues Emergency Fix for Critical Root Credential Flaw in Unified CM

This Fourth of July, Bruce, the 25-foot mechanical shark from Jaws, shares how his saltwater struggles mirror the need for real-world cybersecurity stress testing.

Thursday, July 3, 2025 14:00

Welcome to this week’s edition of the Threat Source newsletter. 

Hi, I’m Bruce, the 25-foot mechanical star of “Jaws.”  

This summer marks 50 years since my 4 minutes of screentime kept people out of the water for decades. Maybe this Fourth of July weekend you’re planning to sea-shanty your way to a special screening? If you do, here’s a little behind-the-scenes story on how my endless malfunctions almost made Spielberg hang up his director hat before you could say “phone home.” 

I was built for a studio tank — a predictable and safe environment. But Spielberg, in pursuit of realism, had other plans. He threw me into the Atlantic, where the salt water, rolling waves and unruly weather conditions caused more chaos than anybody had bargained for. 

Each day, my hydraulics jammed, my pneumatics corroded and my paint peeled like a sunburned tourist on Amity Beach.

There were days when the crew could only capture one or two shots before either I broke, the weather broke, or one of the actors’ egos broke. Every night they’d patch me up and whisper an assortment of four-letter words into my rusty gills.

My saving grace became Verna Fields, aka “Mother Cutter.” Spielberg’s editor was the one to suggest they only use fleeting moments of footage starring yours truly. While I bobbed around like a skydancer on a windless day, Verna worked her magic: stitching reactions, cutting away at just the right moment and building tension with empty water. She turned me from a potential failure to a legend. 

And thus, I became a lesson in what happens when you build for a predictable environment but deploy in the wild. Sound familiar? 

I’ve been told that readers of Talos’ Threat Source Newsletter are security folks, and I’ve been asked to write something just for you. Here it goes… 

*   _“You’re gonna need a bigger boat.”_ Overprepare. Expect things to go wrong.  
*   _“It’s only an island if you look at it from the water.”_ Perspective matters. Make sure your alerts are honed to spot the things that really matter. 
*   _“Smile, you son of a…”_ Sometimes, your last line of defense is your defining moment. Should everything else fail, make sure you have something left in the tank. 

In cybersecurity, your green ticked audit checklists mean nothing if you haven’t pressure-tested your environment against real red teamers. Incident response plans need ocean trials, not just bullet points. 

If I have a legacy beyond people sticking their noggin in my teeth for “the gram,” it’s this: Build your defenses for salt water, not studio tanks. And remember, the mayor always wants to keep the network open... 

_Editor’s note: I’d like to thank Bruce for his time and perspective, and I hope he found our studio a relaxing place to write. I’m also sorry that I only had two barrels and not the requested three for him to play with._ 

_Bruce’s story is why_ _Cisco Talos Incident Response_ _exists: to help you prepare for the effects of salt water before they wreak havoc on your system. With Talos IR, you can stress test your defenses using real world scenarios and incident responders who’ve experienced just about everything there is to see._ 

_Enjoy the Fourth of July weekend, and remember to listen out for the_ duh dun.

**The one big thing **

Cisco Talos has enhanced its email threat detection engine to address brand impersonation tactics using PDF payloads in phishing attacks. These attacks often exploit popular brands to steal sensitive information, employing methods like QR code phishing and telephone-oriented attack delivery (TOAD), where victims are tricked into calling adversary-controlled phone numbers. Adobe’s e-signature service and PDF annotations have also been abused to bypass detection systems. 

**Why do I care? **

Phishing attacks are getting sneakier, using PDFs and trusted brands to trick people into giving up personal info or downloading malicious software. If you're not careful, you could fall for one of these scams, especially since attackers are using clever tactics like fake phone numbers or QR codes to seem legitimate. 

**So now what? **

Be extra cautious with emails containing PDFs, even if they look legit. Avoid scanning QR codes or calling phone numbers from unsolicited emails. Cisco’s detection tools are updated often, but staying vigilant and double-checking anything suspicious is your best defense.

**Top security headlines of the week **

**Europol Dismantles $540 Million Cryptocurrency Fraud Network, Arrests Five Suspects**   
The international effort, codenamed Operation Borrelli was carried out by the Spanish Guardia Civil, along with support from law enforcement authorities from Estonia, France, and the United States. (The Hacker News) 

**International Criminal Court hit by new 'sophisticated' cyberattack**   
In a statement yesterday, the ICC revealed that it had contained a "sophisticated and targeted" cybersecurity incident, which was discovered by systems in place to detect cyberattacks targeting its systems. (Bleeping Computer) 

**Windows’ Infamous ‘Blue Screen of Death’ Will Soon Turn Black**   
After more than 40 years of being set against a very recognizable blue, the updated error message will soon be displayed across a black background. (SecurityWeek) 

**Ahold Delhaize Data Breach Impacts 2.2 Million People**   
The incident impacted Giant Food pharmacies, Food Lion and Stop & Shop, among others. Stolen information may include names, contact info, date of birth, SSN, passport number, financial account information and more. (SecurityWeek) 

**Germany asks Google, Apple remove DeepSeek AI from app stores**   
The Berlin Commissioner for Data Protection has formally requested Google and Apple to remove the DeepSeek AI application from the application stores due to GDPR violations. (Bleeping Computer)

**Can’t get enough Talos? **

**Decrement by one to rule them all: AsIO3.sys driver exploitation**   
Learn how our researcher, Marcin Noga, found two critical vulnerabilities in ASUS’ Armory Crate and AI Suite drivers.

**Talos Takes: Teaching LLMs to spot malicious PowerShell scripts**   
Hazel chats with Ryan Fetterman from the SURGe team to explore his new research on how LLMs can assist security operations centers in identifying malicious PowerShell scripts.

**Beers with Talos: Terms and conceptions may apply**  
In this episode, the crew reassembles after a totally intentional and not-at-all accidental hiatus. They cover AI-assisted IVF, a possible underground war against dairy, and the real heroes: conference dogs.

**Upcoming events where you can find Talos **

*   NIRMA (July 28 – 30) St. Augustine, FL 
*   Black Hat USA (Aug. 2 – 7) Las Vegas, NV 

**Most prevalent malware files from Talos telemetry over the past week **

**SHA 256: 9f1f11a708d393e0a4109ae189bc64f1f3e312653dcf317a2bd406f18ffcc507**   
MD5: 2915b3f8b703eb744fc54c81f4a9c67f   
VirusTotal: https://www.virustotal.com/gui/file/9f1f11a708d393e0a4109ae189bc64f1f3e312653dcf317a2bd406f18ffcc507   
Typical Filename: VID001.exe   
Claimed Product: N/A   
Detection Name: Win.Worm.Coinminer::1201 

**SHA 256: cd697cc93851d0b1939a7557b9ee9b3c0f56aab4336dd00ff6531f94f7e0e836**   
MD5: c94c094513f02d63be5ae3415bba8031   
VirusTotal: https://www.virustotal.com/gui/file/cd697cc93851d0b1939a7557b9ee9b3c0f56aab4336dd00ff6531f94f7e0e836/details  
Typical Filename: setup   
Claimed Product: N/A   
Detection Name: W32.Variant:Gen.28iv.1201 

**SHA 256: 57a6d1bdbdac7614f588ec9c7e4e99c4544df8638af77781147a3d6daa5af536**   
MD5: 79b075dc4fce7321f3be049719f3ce27   
VirusTotal: https://www.virustotal.com/gui/file/57a6d1bdbdac7614f588ec9c7e4e99c4544df8638af77781147a3d6daa5af536/details   
Typical Filename: RemCom.exe   
Claimed Product: N/A   
Detection Name: W32.57A6D1BDBD-100.SBX.VIOC 

**SHA 256: a31f222fc283227f5e7988d1ad9c0aecd66d58bb7b4d8518ae23e110308dbf91**     
MD5: 7bdbd180c081fa63ca94f9c22c457376     
VirusTotal: https://www.virustotal.com/gui/file/a31f222fc283227f5e7988d1ad9c0aecd66d58bb7b4d8518ae23e110308dbf91/details  
Typical Filename: IMG001.exe    
Claimed Product: N/A   
Detection Name: Simple\_Custom\_Detection   

**SHA 256: 061e13a4fc9f1d4da0671082d5e4666f316bb251f13eded93f9cdb4a584d0bc0**   
MD5: 8d74e04c022cadad5b05888d1cafedd0  
VirusTotal: https://www.virustotal.com/gui/file/061e13a4fc9f1d4da0671082d5e4666f316bb251f13eded93f9cdb4a584d0bc0/details  
Typical Filename: smhost.exe   
Claimed Product: N/A   
Detection Name: Artemis:Lazy.27fx.in14.Talos

**SHA 256: 2eb95ef4c4c24f1e38a5c8b556d78b71c8a8fb2589ed8c5b95e9d18659bde293**  
MD5: N/A  
VirusTotal: N/A, use https://talosintelligence.com/sha\_searches  
Typical Filename: N/A  
Claimed Product: N/A  
Detection Name: W32.2EB95EF4C4-100.SBX.TG

A message from Bruce the mechanical shark

Callback phishing scam emails are masquerading as messages from popular brands used for everyday tasks that put small businesses at risk.

Microsoft, DocuSign, Adobe, McAfee, NortonLifeLock, PayPal, and Best Buy’s Geek Squad are being impersonated online through malicious emails that contain fake telephone support numbers and dangerous QR codes that can ensnare victims into phishing scams.

The brands and their products are frequently relied upon for everyday administration, like sending emails, obtaining signatures, viewing documents, receiving payments, and even getting tech help, emphasizing the threat these phishing campaigns have to small business owners and their shops.

This latest suite of phishing attacks was observed by researchers at Cisco Talos, who discovered that, between May and June, the most impersonated brands for emails containing PDF attachments, in order, were:

1.  Microsoft
2.  NortonLifeLock
3.  PayPal
4.  DocuSign
5.  Geek Squad

The attacks involve a careful blend of technical evasion and social engineering to arrive in people’s inboxes and to send those people on a dangerous path—online or over the phone—into eventually handing over important login credentials or even downloading malware directly onto their computers.

The emails themselves, according to Talos researchers, often avoid phishing detection because the email bodies are blank. Without any text to review, phishing detection engines that rely strictly on text become somewhat useless.

But the cybercriminals in these attacks still have to trick targets with their emails, so they instead attach PDFs to those emails that are cleverly structured to automatically load when a person opens just the _email_, not the _attachment_. What the targets see, then, is nearly indecipherable from a regular email: a convincing company logo, a paragraph or two about an urgent need, and a telephone number, link, or QR code that the reader can follow to “fix” the issue.

One fraudulent email from “Microsoft” teased a potential raise with more information behind a QR code, another claimed to arrive from “Adobe” containing a file from “Human Resources,” two emails—one from “McAfee,” another from “PayPal”—included fake invoices for hundreds of dollars, and one falsely claimed that a target had a set of downloads to access through “Dropbox.”

As witnessed by the security researchers, many of the emails in these phishing campaigns are part of a broader type of attack called “telephone-oriented attack delivery” or, more simply, “callback phishing.” In these types of attacks, targets are tricked into taking their conversations to an entirely separate medium—the phone—where they can be preyed upon further, the researchers said.

> “Victims are instructed to call a specific number in the PDF to resolve an issue or confirm a transaction. Once the victim calls, the attacker poses as a legitimate representative and attempts to manipulate them into disclosing confidential information or installing malicious software on their computer.”

Researchers also discovered emails that contained malicious QR codes that, if scanned by victims, would send them to a separate phishing website. The phishing sites, themselves, also impersonate brands, as researchers found fake login pages for Microsoft and Dropbox.

**How to stay safe from phishing**

Though the callback phishing scams discovered by cybersecurity researchers involved clever techniques to make sure they reached people’s email inboxes, the rules of phishing detection still apply for everyday businesses. Here are the clear signs of a phishing scam (some of which were present in the callback phishing emails above):

*   **The email invokes urgency, fear, or confusion**. Scammers trick people into clicking on dangerous links or calling unknown numbers because a bigger (fake) problem needs to be addressed immediately. Slow down before taking action.
*   **The email includes attachments**. It is extraordinarily rare to receive an attachment in an email from a company that you merely do business with. Don’t trust any attachment from someone you don’t personally know.
*   **The email comes from an unknown sender**. Even if the email looks like it has arrived from a major company or a known contact, the email address itself can be spoofed—and sometimes through rather lazy attempts, like replacing letters with numbers or adding a period in the address that shouldn’t be there.
*   **The email includes a QR code**. QR codes can easily hide malicious links. Be wary around any you find inside emails.

It’s important to be able to detect phishing scams on your own, but mistakes happen everywhere, everyday. That’s why the best protection requires an active antimalware solution with web protection.

 Microsoft, PayPal, DocuSign, and Geek Squad faked in callback phishing scams 

Cisco has released security updates to address a maximum-severity security flaw in Unified Communications Manager (Unified CM) and Unified Communications Manager Session Management Edition (Unified CM SME) that could permit an attacker to login to a susceptible device as the root user, allowing them to gain elevated privileges.
The vulnerability, tracked as CVE-2025-20309, carries a CVSS score

Critical Cisco Vulnerability in Unified CM Grants Root Access via Static Credentials

A popular social engineering technique returns: callback phishing, or TOAD attacks, which leverage PDFs, VoIP anonymity and even QR code tricks.

Wednesday, July 2, 2025 06:00

*   Cisco recently developed and released an update to its brand impersonation detection engine for emails. This new update enhances detection coverage and includes a wider range of brands that are delivered using PDF payloads (or attachments). 
*   A significant portion of email threats with PDF payloads persuade victims to call adversary-controlled phone numbers, displaying another popular social engineering technique known as Telephone-Oriented Attack Delivery (TOAD), also known as callback phishing.  
*   Talos observed that these threat actors often use Voice over Internet Protocol (VoIP) to remain anonymous. These phone numbers are sometimes reused on consecutive days. Additionally, Talos has identified instances of Adobe platform abuse to deliver PDF attachments to victims in TOAD emails. 
*   Talos plans to collect and gather intelligence around phone numbers as an additional indicator of compromise (IOC). 
*   Talos provides new insights into the use of QR codes and PDF annotations in email threats that impersonate legitimate brands through PDF payloads.

**Brand impersonation via PDF payload **

The portable document format (PDF) is a standard method for sharing information electronically. Files created in other applications (e.g., Microsoft Word) are often converted into this format, which can then be viewed using PDF rendering applications like Adobe Reader, commonly available on most OSs. Thanks to its excellent portability, this file format is widely used for the mass distribution of documents to large audiences. However, in recent months, it has also been exploited for illegitimate purposes, such as brand impersonation. 

Brand impersonation is a social engineering technique that exploits the popularity of well-known brands to persuade email recipients to disclose sensitive information. As discussed in our previous blog, adversaries can deliver brand logos and names to victims using multiple types of payloads. One of the most common methods of delivering brand logos and names is through PDF payloads (or attachments).

In some cases, the entire email, including a brand’s logo, is embedded within a PDF attachment. Figure 1 displays an example of a QR code phishing email that impersonates the Microsoft Corporation brand. The threat actor used an enticing subject line, “Paycheck Increment,” timed strategically during periods when promotions or merit changes are likely to occur in various organizations.

Figure 1. A QR code phishing email impersonating the Microsoft brand.

In other cases, the company’s logo is included in a separate image or PDF attachment and is displayed to the victim as soon as they open the email. Below is an example of a QR code phishing email that impersonates both the Microsoft and Adobe Inc. brands. Figure 2 shows the Adobe logo attached to an email as an image file.

Figure 2. A QR code phishing email impersonating the Microsoft and Adobe brands.

A brand’s logo may not always be present in every brand impersonation attempt. For example, the following phishing email, which impersonates the Adobe brand, does not include any logos.

Figure 3. A phishing email impersonating the Adobe brand.

When the victim clicks on the “View the Attached online here” hyperlink, they are redirected to a phishing page impersonating a Dropbox, Inc. webpage.

Figure 4. Phishing page impersonating Dropbox download page.

Figure 5. The final phishing page of the above email, impersonating the Dropbox brand.

**Telephone-oriented attack delivery (TOAD) **

A significant portion of email threats with PDF payloads persuade victims to call adversary-controlled phone numbers, displaying another popular social engineering technique: telephone-oriented attack delivery (TOAD), also known as callback phishing.  

Victims are instructed to call a specific number in the PDF to resolve an issue or confirm a transaction. Once the victim calls, the attacker poses as a legitimate representative and attempts to manipulate them into disclosing confidential information or installing malicious software on their computer.

Figure 6. Overview of a typical TOAD attack sequence.

Phishing typically involves sending emails or messages with malicious links or attachments that direct the victim to a counterfeit website. Callback phishing, however, does not rely on fake websites or phishing links. Instead, attackers use direct voice communication to exploit the victim's trust in phone calls and the perception that phone communication is a secure way to interact with an organization. Additionally, the live interaction during a phone call enables attackers to manipulate the victim's emotions and responses by employing social engineering tactics. Callback phishing is, therefore, a social engineering technique rather than a traditional email threat.  

Most phone numbers found in email threats leveraging this social engineering technique are Voice over Internet Protocol (VoIP) numbers, as it is significantly harder to trace a VoIP number back to a specific individual or physical location compared to a traditional phone number. Below is an example of a TOAD attack that impersonates the McAfee LLC brand.

Figure 6. A TOAD example impersonating the McAfee brand.

Talos has observed that phone numbers are sometimes reused on consecutive days. This could happen for multiple reasons. First, intelligence about phone numbers is collected and distributed at a slower pace compared to other artifacts like URLs and files. In most cases, phone numbers observed in emails by cybersecurity companies are not shared with third-party reputation services, or vice versa. As a result, these phone numbers often remain under the radar for several days. Second, the reuse of phone numbers provides logistical advantages for scam call centers. It enables consistent contact for multi-stage social engineering attacks, scheduling callbacks, and maintaining a credible "brand" presence with victims. Lastly, phone numbers may be reused to minimize costs, particularly if the VoIP service is not free. The plot below illustrates a case where the number +1-818-675-1874 was used in TOAD emails impersonating Best Buy’s Geek Squad brand for four consecutive days.

Figure 7. An example of phone number reuse (+1-818-675-1874) in TOAD emails on consecutive days.

Talos has also observed several cases of e-signature service abuse on the Adobe platform between April and May 2025. Figure 8 shows an example email that impersonates the PayPal brand. In this case, the entire PDF file (i.e., the body of the email) was uploaded to Adobe and sent directly to the victim through the e-signature service.

Figure 8. A TOAD example impersonating the PayPal brand.

Figure 9. The Adobe’s e-signature service abuse in TOAD.

**QR codes in PDF payloads **

Adversaries extensively use QR codes alongside brand impersonation phishing emails, a tactic known as QR code phishing. As seen in Figures 10 – 12, attackers exploit the legitimacy of popular brands to convince users to scan the QR code, ultimately redirecting them to a phishing page, which is often protected by some form of CAPTCHA.

Figure 10. A QR code phishing email impersonating the Docusign, Inc. brand.

Figure 11. CAPTCHA protecting the final phishing page.

Figure 12. Final phishing page.

In most QR code phishing emails with PDF payloads, the entire email body is embedded in the attachment and is rendered for the victim as soon as they open the email. This technique easily evades email filters and detection engines that rely on textual features and keywords, unless preceded by optical character recognition (OCR) analysis. However, OCR is an error-prone process and increases computational costs.

**Annotations in PDF payloads **

Although the PDF format is an open standard, its structure is not straightforward to understand (this book provides an excellent explanation). PDFs can contain both visible and hidden information within their three main components: the text layer, the image layer and the internal structure (e.g., comments and annotations). This flexibility allows certain elements within a PDF to make it appear legitimate, helping it evade spam filters and detection systems. 

To make QR code phishing emails more evasive, attackers often exploit otherwise legitimate PDF annotations. For example, a phishing URL might be embedded in a text annotation, sticky note, comment, or form field within a PDF attachment. Alternatively, attackers may add irrelevant text (or "noise") to bypass detection systems. 

Figures 13 and 14 demonstrate how multiple URLs can be embedded in a PDF attachment using annotations. In this case, the QR code may link to a legitimate web page to build the recipient’s trust, while the embedded annotation points to the actual phishing page. To further obscure the attack, attackers may use shortened URLs, making it harder for users to verify the link's legitimacy before clicking.

Figure 13. A QR code phishing email impersonating the Microsoft brand.

Figure 14. An example PDF attachment with a QR code; two URLs are included in this file in the form of annotations.

**Trends of brand impersonation via PDF payloads **

Brand impersonation remains a prevalent social engineering tactic in phishing attacks, with Talos frequently observing PDF payloads delivering brand names or logos in recent months. 

Using Cisco Secure Email Threat Defense’s brand impersonation detection engine, we uncovered how widespread these attacks are. The plot in Figure 15, reflecting the period between May 5 and June 5, 2025, highlights the most impersonated brands detected in emails with PDF attachments. Microsoft and Docusign were among the most frequently impersonated brands in phishing emails with PDF attachments. Similarly, NortonLifeLock, PayPal, and Geek Squad were among the most impersonated brands in TOAD emails with PDF attachments.

Figure 15. The topmost brands impersonated in emails with PDF attachments.

The map in Figure 16 indicates where brand impersonation attempts using PDF attachments originated for the above brands, both locally and internationally, during this time period.

Figure 16. The originating IP addresses of brand impersonation attempts using PDF attachments.

**Protection against brand impersonation**

Brand impersonation is one of the most popular social engineering techniques, and it is continuously being used by attackers in different types of email threats. Therefore, a brand impersonation detection engine plays a pivotal role in defending against cyber attacks. 

Cisco Talos relies on a wide range of systems to detect this type of threat and protect our customers, from rule-based engines to advanced machine learning-based systems. Learn more about Cisco Secure Email Threat Defense's brand impersonation detection engine here.

Tag

#cisco