  2. blog.talosintelligence.com

    Oct 16, 2024 · Talos IR trends Q3 2024: Identity-based operations loom large. October 24, 2024 06:00. Credential theft was the main goal in 25% of incidents last quarter, and new ransomware variants made their appearance - read more about the top trends, TTPs, and security weaknesses that facilitated adversary actions.
  3. talosintelligence.com

    Sep 5, 2023 · An information disclosure vulnerability exists in the OAS Engine configuration management functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to a disclosure of sensitive information. An attacker can send a sequence of requests to trigger this vulnerability.
  4. blog.talosintelligence.com

    For the most current information, please refer to your Firepower Management Center, Snort.org, or ClamAV.net. For each threat described below, this blog post only lists 25 of the associated file hashes. An accompanying JSON file can be found here that includes the complete list of file hashes, as well as all other IOCs from this post. As always ...
  5. blog.talosintelligence.com

    By Danny Adamitis, David Maynor, and Kendall McKay. Cisco Talos assesses with moderate confidence that a campaign we recently discovered called "BlackWater" is associated with suspected persistent threat actor MuddyWater. Newly associated samples from April 2019 indicate attackers have added three distinct steps to their operations, allowing them to bypass
  6. talosintelligence.com

    Jan 8, 2024 · OpManager is a network management solution that gathers hardware and software information of computers and other devices on a computer network for management, compliance and audit purposes. An exploitable directory traversal vulnerability exists in relation to MiB file upload action.
  7. blog.talosintelligence.com

    Spotting a single IOC does not necessarily indicate maliciousness. Detection and coverage for the following threats is subject to updates, pending additional threat or vulnerability analysis. For the most current information, please refer to your Firepower Management Center, Snort.org, or ClamAV.net.
  8. blog.talosintelligence.com

    Mar 5, 2024 · GhostLocker 2.0 encrypts the files on the victim's machine using the file extension ".ghost" and drops and opens a ransom note. The ransom note has changed from its previous version, where the operator tells users to secure the encryption ID displayed in the ransom note and share it with them in their chat service during the negotiation by clicking "Click me."
  9. talosintelligence.com

    Communication with the device is possible over FTP, TFTP, HTTP, SNMP, EtherNet/IP, Modbus, and a management protocol referred to as "UMAS." A REST API that allows clients to interact with various pieces of functionality on the device is on the web server, including viewing alarms, querying rack information, and performing select UMAS requests.