trojan

January 14, 2021

SECURITY

Cisco Secure Workload Immediate Actions in Response to “SUNBURST” Trojan and Backdoor

4 min read

Cisco Secure Workload can directly support both initial steps: identifying compromised assets and applying network restrictions that control network traffic through central automation of distributed firewalls at the workload level.

March 31, 2020

THREAT RESEARCH

Trickbot: A primer

1 min read

In recent years, the modular banking trojan known as Trickbot has evolved to become one of the most advanced trojans in the threat landscape. It has gone through a diverse set of changes since it was first discovered in 2016, including adding features that focus on Windows 10 and modules that target point of sale […]

November 8, 2018

THREAT RESEARCH

Metamorfo Banking Trojan Keeps Its Sights on Brazil

1 min read

Cisco Talos recently identified two ongoing malware distribution campaigns being used to infect victims, specifically customers of financial institutions in Brazil, with banking trojans.

July 3, 2018

THREAT RESEARCH

Smoking Guns – Smoke Loader learned new tricks

1 min read

Cisco Talos has been tracking a new version of Smoke Loader — a malicious application that can be used to load other malware — for the past several months following...

September 20, 2017

THREAT RESEARCH

CCleaner Command and Control Causes Concern

1 min read

This post was authored by Edmund Brumaghin, Earl Carter, Warren Mercer, Matthew Molyett, Matthew Olney, Paul Rascagneres and Craig Williams. Note: This blog post discusses active research by Talos into a new threat. This information should be considered preliminary and will be updated as research continues. Introduction: Talos recently published a technical analysis of a backdoor which was included with version 5.33 of the CCleaner […]

August 25, 2015

THREAT RESEARCH

Malware Meets SysAdmin – Automation Tools Gone Bad

10 min read

This post was authored by Alex Chiu and Xabier Ugarte Pedrero. Talos recently spotted a targeted phishing attack with several unique characteristics that are not normally seen. While we monitor phishing campaigns used to distribute threats such as Dridex, Upatre, and Cryptowall, targeted phishing attacks are more convincing because the format of the message is personalized […]

July 8, 2015

THREAT RESEARCH

Ding! Your RAT has been delivered

7 min read

This post was authored by Nick Biasini. Talos is constantly observing malicious spam campaigns delivering various types of payloads. Common payloads include things like Dridex, Upatre, and various versions of ransomware. One less common type of payload that Talos analyzes periodically is the Remote Access Trojan, or RAT. A recently observed spam campaign was using freeware remote […]