{"id":175683,"date":"2026-01-08T14:03:00","date_gmt":"2026-01-08T19:03:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/01\/08\/resolutions-shmesolutions-and-whats-actually-worked-for-me\/"},"modified":"2026-01-08T14:10:09","modified_gmt":"2026-01-08T19:10:09","slug":"resolutions-shmesolutions-and-whats-actually-worked-for-me","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/01\/08\/resolutions-shmesolutions-and-whats-actually-worked-for-me\/","title":{"rendered":"Resolutions, shmesolutions (and what\u2019s actually worked for me)"},"content":{"rendered":"<p><a href=\"https:\/\/blog.talosintelligence.com\/resolutions-shmesolutions-and-whats-actually-worked-for-me\/\">Resolutions, shmesolutions (and what\u2019s actually worked for me)<\/a><\/p>\n<p><a href=\"https:\/\/blog.talosintelligence.com\/resolutions-shmesolutions-and-whats-actually-worked-for-me\/\">https:\/\/blog.talosintelligence.com\/resolutions-shmesolutions-and-whats-actually-worked-for-me\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-01-08 14:03:00<\/a><\/p>\n<p>Source Domain: <a href=\"blog.talosintelligence.com\">blog.talosintelligence.com<\/a><\/p>\n<p>Welcome to this week\u2019s edition of the Threat Source newsletter.\u00a0I went to bed at 8:30 p.m. on New Year\u2019s Eve, and I think that\u2019s pretty indicative of\u00a0how I\u00a0approach\u00a0the whole\u00a0idea of\u00a0New Year\u2019s resolutions.\u00a0I love to count down to the new year with loved ones as\u00a0much as the next person, but\u00a0I have really conflicted feelings about traditional resolutions. On one hand,\u00a0it\u2019s\u00a0great to have goals for the future and pick a day to start putting them into action. 
On the other, why wait until the New Year, and why pick goals that are often wildly unsustainable? It feels like it just promotes an \u201call or nothing\u201d approach, and starts the year on a disappointing note if you stumble even a little. Life happens, and many resolutions don\u2019t give enough grace. Here are some resolutions I failed at this past year:<\/p>\n<p>Lift weights three days\/week for a whole year: Close, but no cigar!<\/p>\n<p>Journal at least one sentence every day: Yeah, I failed at this one pretty quickly. I\u2019m not a journal person.<\/p>\n<p>Knit at least three sweaters: I made a shirt, almost finished a vest, and spent a ton of money on yarn.<\/p>\n<p>I have done a lot of things I\u2019m proud about this year, so then&#8230; what has worked? An intention that I\u2019ve held throughout the year is turning \u201cshoulds\u201d into setting plans into motion right away. For example, \u201cI should host a one-time book club to discuss my favorite book\u201d becomes \u201cI just posted in my neighborhood Facebook page to find people who are interested and pick a date.\u201d Or \u201cI should finish my certification\u201d becomes \u201cI just set a weekly three-hour calendar block, and I won\u2019t move it unless there\u2019s an emergency.\u201d<\/p>\n<p>That shift in mindset reminds me a lot of what works in cybersecurity. 
Our industry is full of ambitious, high-level goals: \u201cEliminate all vulnerabilities,\u201d \u201cachieve zero trust,\u201d or \u201cstop every threat.\u201d These aspirations are important, but the reality is that security happens in small, consistent actions: patching systems as soon as updates are available, educating teams on the latest phishing techniques, reviewing logs regularly, or simply responding quickly to a new alert.<\/p>\n<p>Just like with personal resolutions, there\u2019s often pressure in security to be perfect, to never let anything slip through the cracks. Even the organizations that have amazing budget and headcount will face challenges and setbacks, and no environment is ever perfectly secure. What matters most is how we respond in the moment, learn from what\u2019s happened, and keep moving forward.<\/p>\n<p>So as we head into 2026, whether you\u2019re setting personal goals or planning your organization\u2019s security strategy, consider focusing less on flawless resolutions and more on building habits that adapt to change. Celebrate the small wins, reflect on what you\u2019ve accomplished, and don\u2019t be afraid to pivot when things don\u2019t go as planned. Show up every day and take that next step.<\/p>\n<p>The one big thing<\/p>\n<p>Earlier today, Cisco Talos disclosed a sophisticated threat actor we track as UAT-7290, who has been active since at least 2022. UAT-7290 is tasked with gaining initial access as well as conducting espionage-focused intrusions against critical infrastructure entities in South Asia. UAT-7290&#8217;s arsenal includes a malware family consisting of implants we call RushDrop, DriveSwitch, and SilentRaid. 
Our findings indicate that UAT-7290 conducts extensive technical reconnaissance of target organizations before carrying out intrusions.<\/p>\n<p>Why do I care? UAT-7290 targets telecom and network infrastructure, which, if compromised, can have cascading impacts on national security, business operations, and customer data. Their advanced tactics, use of publicly available exploits, and ability to establish persistent footholds make detection and remediation difficult.<\/p>\n<p>So now what? Review and apply the latest ClamAV and Snort signatures (see the blog) to detect and block UAT-7290\u2019s malware and activity. Audit your edge devices (especially those exposed to the internet) for signs of compromise, weak credentials, or unpatched vulnerabilities, and prioritize patching and hardening them. Make sure your incident response plans are ready to address potential intrusions involving advanced persistent threats (APTs).<\/p>\n<p>Top security headlines of the week<\/p>\n<p>U.S. cyber pros plead guilty over BlackCat ransomware activity<br \/>\nTwo US citizens plead guilty to working as ALPHV\/BlackCat ransomware affiliates in 2023. Along with an unnamed third conspirator, they were previously employed by security firms Sygnia and DigitalMint. (DarkReading)<\/p>\n<p>European Space Agency (ESA) confirms breach after hacker offers to sell data<br \/>\nThe ESA has confirmed that some of its systems have been breached and is working on securing compromised devices. The hacker offered to sell 200GB of allegedly stolen data from ESA\u2019s systems, including files from private Bitbucket repositories. (SecurityWeek)<\/p>\n<p>Sophisticated ClickFix campaign targeting hospitality sector<br \/>\nFake Booking reservation cancellations and fake BSODs trick victims into executing malicious code leading to RAT infections. 
(SecurityWeek) (The Hacker News)<\/p>\n<p>New n8n vulnerability lets authenticated users execute system commands<br \/>\nIt affects n8n versions from 1.0.0 up to, but not including, 2.0.0, and allows an authenticated user with permission to create or modify workflows to execute arbitrary operating system commands on the host running n8n. The issue has been addressed in version 2.0.0. (The Hacker News)<\/p>\n<p>Russia-aligned hackers abuse Viber to target Ukrainian military and government<br \/>\nThe attack chain involves the use of Viber to distribute malicious ZIP archives containing multiple Windows shortcut (LNK) files disguised as official Microsoft Word and Excel documents to trick recipients into opening them. (The Hacker News)<\/p>\n<p>Can\u2019t get enough Talos?<\/p>\n<p>How Cisco Talos powers the solutions protecting your organization<br \/>\nWhat happens under the hood of Cisco&#8217;s security portfolio? Our reputation and detection services apply Talos&#8217; real-time intelligence to detect and block threats. Here&#8217;s how.<\/p>\n<p>The TTP: Talking through a year of cyber threats, in five questions<br \/>\nHazel is joined by Nick Biasini to reflect on what stood out, what surprised them, and what didn\u2019t in 2025. What might defenders want to think about differently heading into 2026?<\/p>\n<p>Upcoming events where you can find Talos<\/p>\n<p>JSAC (Jan. 21 \u2013 23) Tokyo, Japan<br \/>\nS4x26 (Feb. 
23 \u2013 26) Miami, FL<\/p>\n<p>Most prevalent malware files from Talos telemetry over the past week<\/p>\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Resolutions, shmesolutions (and what\u2019s actually worked for me) https:\/\/blog.talosintelligence.com\/resolutions-shmesolutions-and-whats-actually-worked-for-me\/ Publish Date: 2026-01-08 14:03:00 Source Domain:&#8230;<\/p>\n","protected":false},"author":1,"featured_media":175684,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/blog.talosintelligence.com\/content\/images\/size\/w1200\/2026\/01\/threat_source-9.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[30,24,35,32,25,34,27],"class_list":["post-175683","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-breach","tag-cybersecurity","tag-hacker","tag-malware","tag-phishing","tag-threat-actor","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/175683"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=175683"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/175683\/revisions"}],"predecessor-version":[{"id":175685,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/175683\/revisions\/175685"}],"wp:featuredmedia":[{"embeddable":t
rue,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/175684"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=175683"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=175683"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=175683"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}