Security

5 min read

While there are a number of ways to err during the course of responding to an incident, it never seems to fail that the number one misstep I...

1 min read

I am pleased to announce that the OASIS CSAF Common Vulnerability Reporting Framework (CVRF) Version 1.2 committee specification is now available. As covered in our previous blog posts, the purpose of the OASIS Common Security Advisory Framework (CSAF) Technical Committee (TC) is to standardize the practices for structured machine-readable security vulnerability-related advisories. The CSAF TC is focusing […]

4 min read

Moving to the cloud is a no brainer. It’s far more cost effective than maintaining internal systems. No wonder companies have been transitioning to cloud platforms, like Microsoft Office 365, over the last few years. It’s great for the bottom line. Companies with fewer than 1,000 users can expect to save up to 24% on […]

1 min read

This post was authored by Edmund Brumaghin, Earl Carter, Warren Mercer, Matthew Molyett, Matthew Olney, Paul Rascagneres and Craig Williams. Note: This blog post discusses active research by Talos into a new threat. This information should be considered preliminary and will be updated as research continues. Introduction Talos recently published a technical analysis of a backdoor which was included with version 5.33 of the CCleaner […]

2 min read

Apple and Cisco have partnered to help businesses in every industry accelerate their mobile transformation. From seamless user experience with collaborative applications to Wi-Fi optimization, the partnership has been grounded in a tangible reality. Apple designed iOS to be simple, intuitive, and powerful, with security built into its core. But while the device is secure, […]

1 min read

This post was authored by: Edmund Brumaghin, Ross Gibb, Warren Mercer, Matthew Molyett, and Craig Williams Introduction Supply chain attacks are a very effective way to distribute malicious software into target organizations. This is because with supply chain attacks, the attackers are relying on the trust relationship between a manufacturer or supplier and a customer. […]

1 min read

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between September 08 and September 15. As with previous round-ups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavior characteristics, indicators of compromise, and how our customers are automatically […]

1 min read

This post authored by Marcin Noga with contributions from William Largent Introduction Talos discovers and responsibly discloses software vulnerabilities on a regular basis. Occasionally we publish a deep technical analysis of how the vulnerability was discovered or its potential impact. In a previous post Talos took a deep dive into Lexmark Perceptive Document Filters, in […]

2 min read

While the EU General Data Protection Regulation (GDPR) enforcement deadline is less than a year away and it’s “all systems go” to get ready, privacy – like all other fundamental human rights – is not just a European issue. The specific rules and requirements might differ between jurisdictions, but the principles of protecting and respecting […]