How the COVID-19 pandemic has affected cybersecurity
By March 2020, the COVID-19 outbreak had already reached more than 100 countries and was officially designated a pandemic. The world has now been fighting this unprecedented virus for a whole year. In addition to its obvious effects on individuals’ health and entire countries’ economies, the disease’s spread triggered sudden and radical changes in the daily life of millions of …
What are you missing when you don’t enable global threat alerts?
Network telemetry is a reservoir of data that, if tapped, can shed light on users’ behavioral patterns, weak spots in security, potentially malicious tools installed in enterprise environments, and even malware itself. Global threat alerts (formerly known as Cognitive Threat Analytics, or CTA) is great at taking an enterprise’s network telemetry and running it through a pipeline of …
Purple Fox Rootkit Can Now Spread Itself to Other Windows Computers
Purple Fox, a Windows malware previously known for infecting machines by using exploit kits and phishing emails, has now added a new technique to its arsenal that gives it worm-like propagation capabilities. The ongoing campaign makes use of a "novel spreading technique via indiscriminate port scanning and exploitation of exposed SMB services with weak passwords and hashes," …
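The propagation behaviour described in this excerpt has a simple network footprint: one internal host opening TCP/445 connections to many distinct peers, most of which never answer because they run no SMB service. The following detection logic is an added example written for this page, not code from the article or from the Purple Fox researchers. The log format (timestamp, source, destination, destination port, connection state) is constructed for the example; the state codes SF, S0 and REJ are borrowed from Zeek conn.log conventions, and the thresholds are assumptions to be tuned per network.

```python
"""
Added example: flag internal hosts whose TCP/445 traffic fans out to many
distinct destinations with a high share of unanswered or rejected connections,
the pattern of indiscriminate SMB port scanning described in the excerpt.
Log format and thresholds are assumptions made for this example.
"""
from collections import defaultdict


def make_sample_log():
    """Constructed telemetry: one normal file-server client and one scanning host."""
    lines = [
        "2021-03-23T10:00:01Z 10.0.0.5 10.0.0.20 445 SF",
        "2021-03-23T10:00:02Z 10.0.0.5 10.0.0.21 445 SF",
        "2021-03-23T10:00:03Z 10.0.0.5 10.0.0.20 445 SF",
        "2021-03-23T10:00:04Z 10.0.0.5 10.0.0.9 443 SF",
    ]
    # The scanning host probes 40 consecutive addresses on 445; only every
    # tenth address actually runs SMB, so the rest get no reply (S0).
    for i in range(1, 41):
        state = "SF" if i % 10 == 0 else "S0"
        lines.append(f"2021-03-23T10:01:{i:02d}Z 10.0.0.77 10.0.1.{i} 445 {state}")
    return lines


def parse(line):
    """Split one constructed log line into its fields."""
    ts, src, dst, dport, state = line.split()
    return ts, src, dst, int(dport), state


def smb_fanout(lines, min_targets=20, min_fail_ratio=0.75):
    """Return {src: {"targets": n, "fail_ratio": r}} for sources that
    contacted at least min_targets distinct hosts on TCP/445 and whose
    connection attempts failed (S0/REJ) at least min_fail_ratio of the time."""
    by_src = defaultdict(lambda: {"targets": set(), "total": 0, "failed": 0})
    for line in lines:
        _, src, dst, dport, state = parse(line)
        if dport != 445:
            continue
        rec = by_src[src]
        rec["targets"].add(dst)
        rec["total"] += 1
        if state in ("S0", "REJ"):
            rec["failed"] += 1

    hits = {}
    for src, rec in by_src.items():
        ratio = rec["failed"] / rec["total"]
        if len(rec["targets"]) >= min_targets and ratio >= min_fail_ratio:
            hits[src] = {"targets": len(rec["targets"]), "fail_ratio": round(ratio, 2)}
    return hits


if __name__ == "__main__":
    for src, info in smb_fanout(make_sample_log()).items():
        print(f"{src}: {info['targets']} distinct SMB targets, "
              f"fail ratio {info['fail_ratio']}")
```

On the constructed log the file-server client 10.0.0.5 is ignored (two targets, all successful) and 10.0.0.77 is flagged. In a real environment the same logic will also catch vulnerability scanners, backup servers and endpoint-management systems that legitimately touch every host on 445, so those sources need an allowlist; the failure-ratio condition reduces but does not remove that overlap.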
Threat Trends: DNS Security, Part 2
Part 2: Industry trends
In our Threat Trends blog series, we attempt to provide insight into the prevalent trends on the threat landscape. Our goal in giving you the latest info on these trends is that you’ll be better prepared to allocate security resources to where they’re needed most. Knowing the larger trends can help in this pursuit, particularly when it comes to the most …
Critical Flaws Affecting GE’s Universal Relay Pose Threat to Electric Utilities
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned of critical security shortcomings in GE's Universal Relay (UR) family of power management devices. "Successful exploitation of these vulnerabilities could allow an attacker to access sensitive information, reboot the UR, gain privileged access, or cause a denial-of-service condition," the agency said in …
Straight from the source: 3 ways customers are improving security with Secure Network Analytics
We know all too well that security can be a grind, and that modern threats are becoming, and will keep becoming, stealthier and more sophisticated. A few years ago, the typical security practitioner’s plight was often described as an anxiety-inducing and exhausting existence that involved sifting through an endless barrage of alerts and reacting whenever known threats had …
Critical RCE Vulnerability Found in Apache OFBiz ERP Software—Patch Now
The Apache Software Foundation on Friday addressed a high severity vulnerability in Apache OFBiz that could have allowed an unauthenticated adversary to remotely seize control of the open-source enterprise resource planning (ERP) system. Tracked as CVE-2021-26295, the flaw affects all versions of the software prior to 17.12.06 and employs an "unsafe deserialization" as an …
Critical F5 BIG-IP Bug Under Active Attacks After PoC Exploit Posted Online
Almost 10 days after application security company F5 Networks released patches for critical vulnerabilities in its BIG-IP and BIG-IQ products, adversaries have begun opportunistically mass scanning and targeting exposed and unpatched networking devices to break into enterprise networks. News of in-the-wild exploitation comes on the heels of proof-of-concept exploit code that …
Stalkerware 2020: The scope and countermeasures
These days, spying on people has gotten far too easy. Anyone can buy stalkerware apps, which can look like parental control software or a smartphone antitheft solution. The classification may help developers avoid legal trouble; the software’s real purpose is to collect a great deal of highly sensitive information from devices without their users’ knowledge. Although the legal …
Threat Roundup for March 12 to March 19
Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between March 12 and March 19. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how our customers are automatically …