Security
Headlines
HeadlinesLatestCVEs

Tag

#cisco

Now’s not the time to take our foot off the gas when it comes to fighting disinformation online

YouTube released a statement that “we will stop removing content that advances false claims that widespread fraud, errors, or glitches occurred in the 2020 and other past US Presidential elections.”

TALOS
Open in Source
#sql#vulnerability#web#google#microsoft#cisco#ddos#dos#java#pdf#auth#zero_day#chrome
Urgent Security Updates: Cisco and VMware Address Critical Vulnerabilities

VMware has released security updates to fix a trio of flaws in Aria Operations for Networks that could result in information disclosure and remote code execution. The most critical of the three vulnerabilities is a command injection vulnerability tracked as CVE-2023-20887 (CVSS score: 9.8) that could allow a malicious actor with network access to achieve remote code execution. Also patched by

Adversaries increasingly using vendor and contractor accounts to infiltrate networks

The software supply chain has become a key security focus for many organizations, but the risks associated with supply chain attacks are often misunderstood.

How Joe Marshall helps defend everything from electrical grids to grain co-ops across multiple continents

Marshall is a senior security strategist for Talos’ Strategic Communications team, specifically focusing on industrial control systems.

The Messy US Influence That’s Helping Iranians Stay Online

Newly announced sanctions against Iran-based Avaran Cloud underscore the complexity of crafting Washington’s internet freedom efforts.

CVE-2022-24695: IEEE Symposium on Security and Privacy 2023

Bluetooth Classic in Bluetooth Core Specification through 5.3 does not properly conceal device information for Bluetooth transceivers in Non-Discoverable mode. By conducting an efficient over-the-air attack, an attacker can fully extract the permanent, unique Bluetooth MAC identifier, along with device capabilities and identifiers, some of which may contain identifying information about the device owner. This additionally allows the attacker to establish a connection to the target device.

New Botnet Malware 'Horabot' Targets Spanish-Speaking Users in Latin America

Spanish-speaking users in Latin America have been at the receiving end of a new botnet malware dubbed Horabot since at least November 2020. "Horabot enables the threat actor to control the victim's Outlook mailbox, exfiltrate contacts' email addresses, and send phishing emails with malicious HTML attachments to all addresses in the victim's mailbox," Cisco Talos researcher Chetan Raghuprasad

Cybersecurity for businesses of all sizes: A blueprint for protection

Developing a robust cybersecurity practice involves implementing multiple layers of security measures that are interconnected and continually monitored, including training and awareness programs to ensure that employees follow best practices.

Legislation alone isn’t enough to stop spyware

The latest on a newly discovered phishing botnet and the latest headlines regarding how countries use spyware.

New Horabot campaign targets the Americas

Cisco Talos has observed a threat actor deploying a previously unidentified botnet program Talos is calling “Horabot,” which delivers a known banking trojan and spam tool onto victim machines in a campaign that has been ongoing since at least November 2020.