Cisco Talos – PossibleThreat Articles

Tourists Give Themselves Away by Looking Up. So Do Most Network Intruders.

August 22, 2023 0 Comments assetnote, canary tokens, Cisco Talos, haroon meer, hazel burton, Ransomware, security tools, shubham shah, The Coming Storm, thinkst

Credit to Author: BrianKrebs| Date: Tue, 22 Aug 2023 17:45:28 +0000

In large metropolitan areas, tourists are often easy to spot because they’re far more inclined than locals to gaze upward at the surrounding skyscrapers. Security experts say this same tourist dynamic is a dead giveaway in virtually all computer intrusions that lead to devastating attacks like ransomware, and that more organizations should set simple virtual tripwires that sound the alarm when authorized users and devices are spotted exhibiting this behavior.

Independent Krebs Security

Wormable Flaw, 0days Lead Sept. 2022 Patch Tuesday

September 13, 2022 0 Comments asheer malhotra, Cisco Talos, dustin childs, ios 16, jon munshaw, kevin breen, lily hay newman, lockdown mode, microsoft patch tuesday september 2022, pangu lab, safety check, satnam narang, security tools, Time to Patch, trend micro, xinru chi

Credit to Author: BrianKrebs| Date: Wed, 14 Sep 2022 00:23:45 +0000

This month’s Patch Tuesday offers a little something for everyone, including security updates for a zero-day flaw in Microsoft Windows that is under active attack, and another Windows weakness experts say could be used to power a fast-spreading computer worm. Also, Apple has also quashed a pair of zero-day bugs affecting certain macOS and iOS users, and released iOS 16, which includes a nifty new privacy and security feature called “Lockdown Mode.” And Adobe axed 63 vulnerabilities in a range of products.

Independent Krebs Security

Wazawaka Goes Waka Waka

February 14, 2022 0 Comments #babuk, A Little Sunshine, babuk ransomware, biba99, boriselcin, Cisco Talos, cve-2021-20028, dmitry smilyanets, groove ransom, mikhail pavlovich matveev, Ne'er-Do-Well News, orange, RaidForums, ramp, Ransomware, sonicwall vpn, teresacox19963@gmail.com, tox, verified, washington metropolitan police department, wazawaka

Credit to Author: BrianKrebs| Date: Mon, 14 Feb 2022 18:22:38 +0000

In January, KrebsOnSecurity examined clues left behind by “Wazawaka,” the hacker handle chosen by a major ransomware criminal in the Russian-speaking cybercrime scene. Wazawaka has since “lost his mind” according to his erstwhile colleagues, creating a Twitter account to drop exploit code for a widely-used virtual private networking (VPN) appliance, and publishing bizarre selfie videos taunting security researchers and journalists. In last month’s story, we explored clues that led from Wazawaka’s multitude of monikers, email addresses, and passwords to a 30-something father in Abakan, Russia named Mikhail Pavlovich Matveev. This post concerns itself with the other half of Wazawaka’s identities not mentioned in the first story, such as how Wazawaka also ran the Babuk ransomware affiliate program, and later became “Orange,” the founder of the ransomware-focused Dark Web forum known as “RAMP.”

Security Sophos

Google patches 8 security holes in Nest cameras

August 22, 2019 0 Comments Cisco, Cisco Talos, Google, Internet of Things, IoT, Nest cam, Nest Cam IQ Indoor camera., Privacy, security threats, vulnerability, webcam

Credit to Author: John E Dunn| Date: Wed, 21 Aug 2019 11:02:22 +0000

The list of vulnerabilities recently discovered by researchers relate to one model, the Nest Cam IQ Indoor camera.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/b8ycfMnDE9o” height=”1″ width=”1″ alt=””/>

Security Sophos

Google’s Nest webcam needs patching after flaws found

August 21, 2019 0 Comments Cisco, Cisco Talos, Google, Internet of Things, IoT, Nest cam, Nest Cam IQ Indoor camera., Privacy, security threats, vulnerability, webcam

Credit to Author: John E Dunn| Date: Wed, 21 Aug 2019 11:02:22 +0000

MalwareBytes Security

Threat Spotlight: Sodinokibi ransomware attempts to fill GandCrab void

July 19, 2019 0 Comments 177a571d7c6a6e4592c60a78b574fe0e, bf9359046c4f5c24de0a9de28bbabd14, caas, Cisco Talos, crime-as-a-service, CVE-2018-8453, CVE-2019-2725, e713658b666ff04c9863ebecb458f174, FruitArmor APT, gandcrab, Heaven's Gate, malvertising, managed service providers, msp hack, Oracle WebLogic vulnerability, raas, Ransom.Sodinokibi, Ransomware, Ransomware as a Service, revil, salsa20, shadow copy, sodin, Sodinokibi, Threat spotlight, volume snapshot service, vss, Win32k vulnerability, zero-day vulnerability

Credit to Author: Jovi Umawing| Date: Thu, 18 Jul 2019 17:58:26 +0000

There’s a new ransomware-as-a-service (RaaS) in town, and it can twist tongues for giggles as much as twist organizations’ arms for cash. Get to know the Sodinokibi ransomware, including how to protect against this fledgling threat.

Categories:

Threat spotlight

Tags: 177a571d7c6a6e4592c60a78b574fe0e bf9359046c4f5c24de0a9de28bbabd14 caas Cisco Talos crime-as-a-service CVE-2018-8453 CVE-2019-2725 e713658b666ff04c9863ebecb458f174 FruitArmor APT gandcrab Heaven’s Gate malvertising managed service providers msp hack Oracle WebLogic vulnerability raas Ransom.Sodinokibi ransomware Ransomware as a Service revil salsa20 shadow copy sodin Sodinokibi volume snapshot service vss Win32k vulnerability zero-day vulnerability