Threat Research

January 21, 2020

SECURITY

Breaking down a two-year run of Vivin’s cryptominers

1 min read

News Summary There is another large-scale cryptomining attack from an actor we are tracking as “Vivin” that has been active since at least November 2017. “Vivin” has consistently evolved over the past few years, despite having poor operational security and exposing key details of their campaign. By Andrew Windsor. Talos has identified a new threat […]

October 15, 2019

THREAT RESEARCH

Checkrain fake iOS jailbreak leads to click fraud

1 min read

Attackers are capitalizing on the recent discovery of a new vulnerability that exists across legacy iOS hardware. Cisco Talos recently discovered a malicious actor using a fake website that claims...

September 17, 2019

THREAT RESEARCH

Cryptocurrency miners aren’t dead yet: Documenting the voracious but simple “Panda”

1 min read

A new threat actor named “Panda” has generated thousands of dollars worth of the Monero cryptocurrency through the use of remote access tools (RATs) and illicit cryptocurrency-mining malware.

June 27, 2019

THREAT RESEARCH

Welcome Spelevo: New exploit kit full of old tricks

1 min read

Nick Biasini authored this post with contributions from Caitlyn Hammond....

April 11, 2019

THREAT RESEARCH

Sextortion Profits Decline Despite Higher Volume, New Techniques

1 min read

Sextortionists are doing everything to evade spam filters and convince potential victims that perceived threats are real. Here are some recent changes we’ve seen in the sextortion email landscape.

June 6, 2018

THREAT RESEARCH

VPNFilter Update – VPNFilter exploits endpoints, targets new devices

1 min read

Cisco Talos has discovered additional details regarding "VPNFilter," which is targeting more makes/models of devices than initially thought, and has additional capabilities to deliver exploits to endpoints.

May 23, 2018

THREAT RESEARCH

New VPNFilter malware targets at least 500K networking devices worldwide

2 min read

For several months, Talos has been working with public- and private-sector threat intelligence partners and law enforcement in researching an advanced, likely state-sponsored or state-affiliated actor's widespread use.

May 9, 2018

THREAT RESEARCH

Gandcrab Ransomware Walks its Way onto Compromised Sites

1 min read

While we've seen cryptocurrency miners overtake ransomware as the most popular malware on the threat landscape, Gandcrab is proof that ransomware can still strike at any time.