#Talos

Cisco Says Flaws in Industrial Routers, BGP Tool Remain Unpatched 8 Months After Disclosure

by

December 10, 2024 at 07:21AM Cisco’s Talos unit has revealed several unpatched vulnerabilities in MC Technologies’ industrial router and GoCast’s BGP tool, despite responsible disclosure to vendors months ago. Notably, the MC LR router has four high-severity command injection flaws, while GoCast has three critical vulnerabilities, both potentially exploitable through crafted HTTP requests. ### Meeting … Read more

Remote Code Execution, DoS Vulnerabilities Patched in OpenPLC

by

September 26, 2024 at 11:13AM Cisco Talos disclosed critical and high-severity vulnerabilities in OpenPLC, an open source programmable logic controller designed for industrial automation and research. These can be exploited for DoS attacks and remote code execution using specially crafted EtherNet/IP requests. The vulnerabilities were patched on September 17, and users are advised to update … Read more

Alert: GhostSec and Stormous Launch Joint Ransomware Attacks in Over 15 Countries

by

March 6, 2024 at 02:15AM GhostSec, a cybercrime group, has partnered with Stormous to launch double extortion ransomware attacks on businesses globally. They are part of a coalition called The Five Families, offering a new ransomware-as-a-service (RaaS) program called STMX_GhostLocker. The groups have also introduced a Go-written ransomware called GhostLocker 2.0 and developed hacking tools … Read more