Talos ThreatSource is a regular intelligence update from Cisco Talos, highlighting the biggest threats each week and other security news.
Siemens Patches Critical Intel AMT Flaw in Industrial Products
Description: This presentation will show how APT actors are evolving and how the reconnaissance phase is changing to protect their valuable 0-day exploit or malware frameworks. This talk will mainly focus on the usage of Office documents and watering hole attacks designed to establish if the target is the intended one (we will mention campaigns against political or military organizations). The techniques and the obfuscation put in place by these actors will be described in detail (techniques based on Macro, JavaScript, PowerShell, Flash or Python). At the end of the presentation, we will show different mitigations to help attendees protect their users.
Description: The threat landscape is constantly evolving. As new methods and solutions for combating cyber threats are developed, threat actors will continue to evolve their tactics, techniques, and procedures. This is one of the many reasons that solid threat intelligence is such an essential part of a sound cyber security strategy. There are constantly new threats being faced by organizations globally across virtually every industry. This presentation will provide an overview of the threat landscape, a description of the common types of attacks that are used to compromise organizations, as well as a discussion of the potential impact these attacks can have on business operations. Ransomware, exploit kits, and malicious/phishing email campaigns will be discussed with specific examples provided in an attempt to provide an inside look at what is currently occurring within the threat landscape.
Description: XXX
Description: Siemens has released patches to address two critical vulnerabilities one of which is tied closely to the recently disclosed Intel Active Managment Technology vulnerability.
Description: Talos has disclosed several vulnerabilies in the Dell Precision Optimizer application service software, Invincea-X, and Invincea Dell Protected Workspace.
Description: Avaya has patched a remote code execution vulnerability in the Aura platform that could put phone call and API data at risk for interception.
In ExPetr/Petya’s shadow, FakeCry ransomware wave hits Ukraine
https://securelist.com/in-expetrpetyas-shadow-fakecry-ransomware-wave-hits-ukraine/78973/
Fourth Largest Cryptocurrency Exchange Was Hacked. Users Lose Ethereum & Bitcoin
https://www.bleepingcomputer.com/news/security/fourth-largest-cryptocurrency-exchange-was-hacked-users-lose-ethereum-and-bitcoin/
Police seize servers of Ukrainian software firm after cyber attack
https://www.reuters.com/article/us-cyber-attack-ukraine-police-idUSKBN19P1YF