You searched for Talos | SC Media

Your search for Talos returned 21 results

Active filters: Home, Bradley Barth

APTs/cyberespionage, Cybercrime, Security News

Sea Turtle DNS hijackers linked to breach of Greece’s ccTLD organization

Despite being publicly exposed earlier this year, the actors behind the malicious Sea Turtle DNS hijacking campaign continue to unabashedly rack up new victims, and apparently added a new technique to their repertoire, a new report states. The group made waves last April when researchers at Cisco’s Talos unit reported that the attackers have been…
Network Security, Security News

Researchers disclose six privilege escalation bugs in Shimo VPN client

The Shimo VPN client for Mac systems contains six privilege escalation vulnerabilities that have yet to be patched by its developers, researchers from Cisco’s Talos division reported yesterday. Shimo is a product that allows users to connect multiple VPN accounts to a single application. Discovered by Cisco Labs researcher Tyler Bohan, all six flaws were…
APTs/cyberespionage, Cybercrime, Malware, Phishing, Security News

Phishing campaign targeted subscribers to Tibetan Government-in-Exile’s mailing list

Subscribers to a Tibetan Government-in-Exile mailing list were targeted in a recent email-based phishing campaign designed to infect them with a remote access trojan. Dubbed ExileRAT, the trojan is capable of gathering system information, retrieving and pushing files, and executing and ending various processes, according to a blog post from Cisco Systems’ Talos division, whose…
Mobile Security, Research, Security News

Researchers fool devices’ biometric scanners with replicated fingerprints

Researchers at Cisco Talos said they were able to fool biometrics-based user authentication technology on eight mobile devices by using 3D-printed molds to create replicates of users’ fingerprints. The process Talos researchers developed to fabricate a user’s biometric signature required a painstaking effort, and in real life would require either direct or indirect access to…
APTs/cyberespionage, Malware, Security News, Website/Web Server Security

DNSpionage actors adjust tactics, debut new remote administration tool

The actors responsible for the DNSpionage DNS hijacking campaign have altered some of their tactics, techniques and procedures (TTPs), introducing a new reconnaissance phase as well as a new malicious remote administration tool called Karkoff. Discovered last November, the operation primarily targets Lebanon- and United Arab Emirates-affiliated .gov domains, commandeering the websites’ DNS servers so…
Cybercrime, Email Security, Government, Malware, Phishing, Security News

Renewed Emotet phishing activity targets UN, government and military users

Since resuming operations after a holiday hiatus, the malicious actors behind the Emotet banking trojan network have reportedly targeted at least 82 countries with spam and crafted a special phishing campaign targeting the United Nations. Meanwhile, an additional report has revealed an increase in Emotet phishing activity targeting government and military entities over the last…
Cybercrime, Malware, Phishing, Security News

Attackers use evolved code injection technique to target Turkey with Adwind RAT

A new spam campaign that debuted last August is attempting to infect Turkish targets with the Adwind 3.0 remote access tool, using a previously undiscovered variant of a code injection attack that exploits Microsoft’s Dynamic Data Exchange (DDE) data transfer protocol. A key improvement to this variant is that it features new techniques to avoid anti-malware software…
Cybercrime, Malware, Ransomware, Security News, Vulnerabilities

New Sodinokibi ransomware delivered via Oracle WebLogic vulnerability

A remotely exploitable vulnerability in the Oracle WebLogic Server is currently the attack vector of choice for malicious actors to deliver a newly discovered ransomware called Sodinokibi. Sodinokibi encrypts data found in the user directory and leverages the Microsoft Windows vssadmin.exe utility to delete any “shadow copies” (created by default back-up mechanisms) in order to…
Security News, Vulnerabilities

ProtonVPN and NordVPN reinforce incomplete patch for code execution bug

Two OpenVPN-based virtual private network clients have reportedly updated their software after a researcher discovered that a previous attempt to patch an arbitrary code execution vulnerability was not entirely effective. According to Cisco Systems’ Talos division, the bugs in Switzerland-based ProtonVPN (CVE-2018-4010) and Panama-based NordVPN (CVE-2018-3952) can allow attackers in Windows environments to use…
APTs/cyberespionage, Cybercrime, Malware, Security News

Seven additional modules make Fancy Bear’s VPNFilter malware even more versatile

Researchers have discovered seven additional third-stage modules in the VPNFilter malware that has been infecting hundreds of thousands of global networking devices in Ukraine and around the world since at least 2016. Believed to be the creation of Russian APT group Fancy Bear, VPNFilter remains a credible threat, despite recent efforts taken to expose the…