Security
Headlines
HeadlinesLatestCVEs

Source

TALOS

New ShroudedSnooper actor targets telecommunications firms in the Middle East with Novel Implants

Cisco Talos has discovered a new intrusion set we're calling "ShroudedSnooper" consisting of two new implants "HTTPSnoop" and "PipeSnoop" targeting telecommunications firms in the middle-east.

TALOS
Open in Source
#web#windows#microsoft#linux#cisco#git#backdoor#auth
Turns out even the NFL is worried about deepfakes

With the popularity of pay-for-shoutout services like Cameo, it’d be fairly easy for someone to develop a convincing enough deepfake of a player and try to steal someone’s money by saying they could prank their fantasy football league for $50.

How Cisco Talos IR helped a healthcare company quickly resolve a Qakbot attack

A healthcare company recently detected a potential Qakbot infection early, and with the help of the Talos IR team, evicted the threat actor from their network quickly before any harm could come to the organization or its customers.

Microsoft Patch Tuesday for September 2023 — Unusually low 5 critical vulnerabilities included in Microsoft Patch Tuesday, along with two zero-days

Microsoft disclosed 65 vulnerabilities across its suite of products and software Tuesday, only five of which are considered critical, which is very low compared to Microsoft’s usual security updates.

You can try to hide your firmware from Kelly Patterson, but she’ll find it (and break it)

Patterson and her teammates are responsible for helping to disclose and patch more than 200 security vulnerabilities a year, some of which affect devices used in thousands of households around the world.

A secondhand account of the worst possible timing for a scammer to strike

Cybercriminals are abusing Advanced Installer, a legitimate Windows tool used for creating software packages, to drop cryptocurrency-mining malware on infected machines, new Cisco Talos research shows.

Cybercriminals target graphic designers with GPU miners

Cybercriminals are abusing Advanced Installer, a legitimate Windows tool used for creating software packages, to drop cryptocurrency-mining malware including PhoenixMiner and lolMiner on infected machines.

Eight vulnerabilities in Open Automation Software Platform could lead to information disclosure, improper authentication

OAS Platform allows various devices, including PLCs, servers, files, databases and internet-of-things platforms to communicate with one another and share data when they otherwise would be unable to because of their various protocols.

New open-source infostealer, and reflections on 2023 so far

A new open-source information stealer called ‘SapphireStealer’ has been observed across public malware repositories with increasing frequency. Plus, watch a new series of videos on the year so far in the threat landscape.

SapphireStealer: Open-source information stealer enables credential and data theft

SapphireStealer, an open-source information stealer, has been observed across public malware repositories with increasing frequency since its initial public release in December 2022. Information-stealing malware like SapphireStealer can be used to obtain sensitive information, including corporate credentials, which are often resold to other threat actors who leverage the access for