Articles about talos


Cisco smells a RAT in Breaking Security's Remcos PC wrangler

Updated: Cisco Talos says criminals are using one research company's testing tools to set up and run botnets. A report released Wednesday by Talos researchers found that Breaking Security's Remcos remote control tool and Octopus Protector encryption utility, along with other Breaking Security tools, are being used in the wild to set up …
Shaun Nichols, 22 Aug 2018

VPNFilter router malware is a lot worse than everyone thought

Asus, D-Link, Huawei, Ubiquiti, UPVEL, and ZTE: these are the vendors newly named by Cisco's Talos Intelligence whose products are being exploited by the VPNFilter malware. As well as the expanded list of impacted devices, Talos warned that VPNFilter now attacks endpoints behind the firewall, and sports a “poison pill” to …

Advanced VPNFilter malware menacing routers worldwide

A newly disclosed malware infection has compromised more than 500,000 home and small office routers and NAS boxes. Researchers with Cisco Talos say the malware, dubbed VPNFilter, has been spreading around the globe, but appears to be primarily targeting machines in the Ukraine. …
Shaun Nichols, 23 May 2018

Russian malware harvesting Telegram Desktop creds, chats

Already under attack by Russia's telecommunications regulator, a new source of woe has emerged for crypto-chat app Telegram: malware. In news that won't surprise anybody at all, researchers from Cisco Talos say the malware attacking Telegram's desktop app was written by a Russian speaker. Vitor Ventura and Azim Khodjibaev …

Spectre shenanigans, Nork hackers upgrade, bad WD drives and more

Roundup: Here's a summary of this week's infosec news beyond what we've already covered in detail. Exploits for chip blunders spook antivirus land: First up, January's Meltdown and Spectre processor security design flaws continue to haunt the IT world. Fortinet put out an advisory on Tuesday warning 119 variants of code that exploit …
Iain Thomson, 3 Feb 2018

Good news, everyone: Ransomware declining. Bad news: Miscreants are turning to crypto-mining on infected PCs

For the past few years, ransomware has been a bane of computer users. These software nasties infect PCs, scramble files, and demand payment in cryptocurrency to restore the documents. Those cryptocurrencies are a right faff to get hold of and transfer to miscreants at short notice. And there's no guarantee crooks will hand …
Iain Thomson, 1 Feb 2018

CCleaner targeted top tech companies in attempt to lift IP

Cisco's security limb Talos has probed the malware-laden CCleaner utility that Avast so kindly gave to the world and has concluded its purpose was to create secondary attacks that attempted to penetrate top technology companies. Talos also thinks the malware may have succeeded in delivering a payload to some of those firms …
Simon Sharwood, 21 Sep 2017

Microsoft won't patch Edge browser content security bypass

Which of Google, Apple and Microsoft think a content security bypass doesn't warrant a browser patch? Thanks to Cisco Talos security bod Nicolai Grødum, who found the cross-site scripting bug that affects older Chrome and Safari plus current versions of Edge, we know the answer is "Microsoft". Grødum posted news of Microsoft' …

Apache Struts 2 needs patching, without delay. It's under attack now

Infosec researchers have found a “dire” zero-day in Apache Struts 2, and it's under active attack. If you're a sysadmin using the Jakarta-based file upload Multipart parser under Apache Struts 2, Nick Biasini of Cisco's Talos advises applying the latest upgrade immediately. CVE-2017-5638 is documented at Rapid7's Metasploit …

Talos opens box, three Aerospike vulns fly out

Aerospike NoSQL server DBAs, make sure you've rolled out version 3.11.1.1, because the vulnerabilities it fixes have been made public. Cisco Talos made the three-vuln disclosure after the fix landed, including one denial-of-service and two code execution bugs – all easy to trigger by sending crafted packets. In the DoS bug, …

Wavering about Apple's latest security fix? Don't, says Talos

Here's another reason to press “install” on Apple's latest OS X and iOS security patches: a slew of image-handling vulnerabilities. Now that Apple's released the patched versions, Cisco's Talos researchers have gone public with the details of their contribution to the fixes. The most serious of the bugs is in TIFF image …

Time for a patch: six vulns fixed in NTP daemon

Cisco has turned over a bunch of Network Time Protocol daemon (ntpd) vulnerabilities to the Linux Foundation's Core Infrastructure Initiative. The vulnerabilities, discovered during its ongoing ntpd evaluation, “allow attackers to craft UDP packets to either cause a denial of service condition or to prevent the correct time …

SamSam ransomware shifts from hospitals to schools via JBoss hole

Cisco has warned that the SamSam ransomware that has been plaguing US hospitals is now menacing schools, governments, and other organizations that have not kept their JBoss deployments up to date. According to the networking giant's Talos security team, SamSam exploits a hole in server middleware JBoss to drill its way into …
Iain Thomson, 19 Apr 2016

'Malicious time source' can poison Network Time Protocol

Get busy, sysadmins, there's a bunch of network time protocol (NTP) bugs to squash. The bugs were turned up in a code audit by Cisco's Talos business (which can surely feel the coals of hell being heaped upon its head for working in a Back to the Future joke in the bug-branding). Talos has been working on the code base of the …

Cisco tool IDs malware in the firmware

Cisco's moved on the “SYNful knock” vulnerability with a free tool letting admins test their routers for fudged firmware. The vulnerability emerged in August, when The Borg warned that its ROMMON firmware had been reverse-engineered. That meant a privileged user could flash routers with compromised versions. Within a month, …

Cisco's RAT-catchers spot sysadmin-targeted phish

File this under “it was bound to happen one day”: Cisco has spotted a targeted phishing attack based on a popular sysadmin automation tool. If someone in the “IT crowd” bunker falls for the phishing attack, Cisco's Talos Group says the payload exploits AutoIT, a scripting admin environment for Windows. Talos explains what's …

Coming in 2014: Scary super-soldier exoskeleton suits from the US military

The US military is accelerating its program to build a Tactical Assault Light Operator Suit (TALOS) – an exoskeleton-mounted computer system for the soldier of tomorrow. "[The] requirement is a comprehensive family of systems in a combat armor suit where we bring together an exoskeleton with innovative armor, displays for …
Iain Thomson, 31 Dec 2013

OCZ unsheathes Talos flash talons

OCZ's Talos flash drive is set to claw into the enterprise hard drive business. The Talos C Series is OCZ's 3.5-inch enterprise flash drive, in contrast to the Vertex, which is a consumer drive. Talos is a 3.5-inch, 2-bit multi-level cell solid state drive (SSD), coming in 230GB, 480GB and 960GB capacities. It can run at 50, …
Chris Mellor, 1 Aug 2011


Biting the hand that feeds IT © 1998–2018