Talos Archives - Securezoo

Foxit PDF Reader vulnerabilities could lead to code execution

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / February 1, 2022 February 1, 2022 / CVE-2021-40420, CVE-2022-22150, Foxit, PDF, Talos

Researchers from Cisco Talos security group have discovered vulnerabilities in popular Foxit PDF Reader that could lead to code execution.

Cisco Talos team discovers malicious campaign delivering Nanocore, Netwire and Async RATs

Malware, Phishing / By Frank Crast / January 17, 2022 January 17, 2022 / Async, Cisco, Nanocore, Netwire, RAT, Talos

The Cisco Talos cybersecurity team discovered a malicious campaign delivering variants of Nanocore, Netwire and Async RATs targeting user’s information.

New version of CRAT remote access trojan targets endpoints

Cybersecurity Attacks, Malware, Vulnerabilities & Exploits / By Frank Crast / November 17, 2020 November 17, 2020 / Cisco, CRAT, CVE-2017-8291, Ghostscript, Hansom, malware, RAT, Talos

Security researchers from Cisco have discovered a new version of remote access trojan (RAT) dubbed “CRAT” that targets endpoints.

Divergent “fileless” NodeJS malware used for click-fraud

Malware, Vulnerabilities & Exploits / By Frank Crast / September 30, 2019 September 30, 2019 / Divergent, Fileless, JavaScript, Kovter, malware, NodeJS, Talos, WinDivert

Attackers are using a “fileless” malware dubbed Divergent to generate revenue via click-fraud. Divergent further uses NodeJS and a WinDivert utlility to facilitate the malware attack.

Tortoiseshell targets US veterans with fake website used to download malware

Cybersecurity Attacks, Malware / By Frank Crast / September 25, 2019 September 25, 2019 / IvizTech, malware, RAT, Talos, Tortoiseshell

A cyber attack group dubbed “Tortoiseshell” has deployed a fake website posing as a site to help U.S. military veterans find jobs. The website is then used to download malware to visitors’ systems.

NETGEAR denial-of-service vulnerabilities fixed (CVE-2019-5054, CVE-2019-5055)

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / September 10, 2019 September 10, 2019 / Cisco, NETGEAR, Router, Talos, WiFi

Researchers have discovered two denial of service (DoS) vulnerabilities in NETGEAR N300 home wireless routers. NETGEAR has issued firmware updates to address the issues.

Multiple Jenkins plugin vulnerabilities

Application Security, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / May 7, 2019 August 18, 2020 / Ansible, CVE-2019-10300, CVE-2019-10309, CVE-2019-10310, DevOps, GitLab, Jenkins, Swarm, Talos

Multiple vulnerabilities have been discovered in Jenkins plugins that could lead to information disclosure. The three affected plugins are Swarm, Ansible and GitLab.

“Sea Turtle” DNS hijacking campaign

Cybersecurity Attacks, Network Security / By Frank Crast / April 17, 2019 January 18, 2021 / DNS, hijacking, Sea Turtle, Talos

Security experts warn of a new cyber threat campaign dubbed “Sea Turtle” that targets public and private organizations in the Middle East and North Africa. The ongoing operation likely lasted from January 2017 through the first quarter of this year.

Cyberattacks on unsecured Elasticsearch clusters

Cybersecurity Attacks, Vulnerabilities & Exploits / By Frank Crast / February 28, 2019 July 13, 2019 / CVE-2014-3120, CVE-2015-1427, ElasticSearch, honeypot, LinuxT, Talos

Security experts from Cisco Talos have spotted a spike in cyberattacks targeting unsecured Elasticsearch clusters running on older versions
1.4.2 and lower.

Emotet malware threat re-emerges with new features

Malware, Messaging Security, Phishing / By Frank Crast / January 19, 2019 April 18, 2020 / Cisco, Cybercrime, email, Emotet, malware, Proxy, Ransomware, SORBS, SpamCop, Spamhaus, Talos

The infamous banking trojan Emotet is re-emerging via new cyber campaigns after a low period of activity over the recent Christmas holidays. Emotet is one of the most widely developed and distributed malware families used by cyber criminals.