Cisco Talos: advanced intelligence for global cyberthreats

Now celebrating its 10th anniversary, Cisco Talos is among the world’s preeminent threat intelligence detection and response groups. And given the relentless sophistication of today’s cyberthreats, it’s needed more than…

Article source: https://newsroom.cisco.com/c/r/newsroom/en/us/a/y2024/m09/cisco-talos-advanced-intelligence-for-global-cyberthreats.html

Exposing the Top Ransomware Tactics, Techniques, and Procedures by Cisco Talos

Cisco Talos analyzed the top 14 ransomware groups from 2023 to 2024 to reveal their attack chains and highlight their tactics, techniques, and procedures. They also identified the vulnerabilities most exploited by ransomware actors. The typical ransomware attack chain begins with the threat actor gaining access to the targeted entity …

Cisco Talos reveals new strategies used by well-known ransomware syndicates

A new report from Cisco Talos highlights the evolving tactics of ransomware groups and the importance of defending against them. Ransomware groups like ALPHV/Blackcat are constantly adapting their methods to target victims more effectively, using techniques such as phishing and exploiting vulnerabilities. New groups like Hunters International, Cactus, and Akira have also emerged, each with …

Cisco Talos alerts the public about broader security risks following Snowflake data breach – SiliconANGLE

A new report by Cisco Talos highlights the implications of the recent Snowflake Inc. cloud data platform breach, emphasizing the vulnerabilities in cloud environments. Attackers used stolen login credentials to infiltrate customer accounts lacking multi-factor authentication, allowing them to access sensitive information. This incident reflects a broader trend in cyber threats towards compromised identity and …

How Threat Actors Target Multi-Factor Authentication according to Cisco Talos

In the latest Cisco Talos Incident Response Quarterly Trends Report, Hazel Burton discusses the growing trend of threat actors focusing on bypassing multi-factor authentication (MFA) in security incidents. The report found that MFA weaknesses were present in half of the incidents responded to by the Talos team in the first quarter of 2024. Attackers are …

Cisco Talos provides comprehensive analysis of SugarGh0st malware targets, while SneakyChef hackers expand their reach.

Cisco Talos researchers have uncovered an ongoing campaign by a threat actor known as SneakyChef, using the SugarGh0st malware since August 2023. The campaign has expanded its targets from South Korea and Uzbekistan to include countries in EMEA and Asia, using lures resembling scanned documents from government agencies. The team discovered a new infection chain …

Cisco Talos uncovers the innovative strategies used by hackers to bypass MFA – SDxCentral

In a recent report, cybersecurity firm Cisco Talos uncovered tactics used by hackers to bypass multi-factor authentication (MFA) measures. While MFA is seen as a crucial defense against unauthorized access, creative hackers have devised ways to work around it. The report highlights the importance of staying vigilant and adopting additional security measures to protect sensitive …

LilacSquid Threat Actor, Backed by Cisco Talos, Launches Worldwide Attack Using PurpleInk Malware against Multiple Sectors

A recent report by Cisco Talos revealed the activities of a cyber espionage threat actor known as LilacSquid, or UAT-4820. LilacSquid targets organizations in various sectors across the US, Europe, and Asia by exploiting vulnerable web applications or using compromised Remote Desktop Protocol credentials to infect systems with custom PurpleInk malware. The threat actor has …