January 15, 2021

THREAT RESEARCH

Threat Roundup for January 8 to January 15

1 min read

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between January 8 and January 15. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how our customers are […]

January 6, 2021

THREAT RESEARCH

A Deep Dive into Lokibot Infection Chain

1 min read

News summary Lokibot is one of the most well-known information stealers on the malware landscape. In this post, we’ll provide a technical breakdown of one of the latest Lokibot campaigns. Talos also has a new script to unpack the dropper’s third stage. The actors behind Lokibot usually have the ability to steal multiple types of […]

December 21, 2020

THREAT RESEARCH

Talos Vulnerability Discovery Year in Review — 2020

1 min read

Cisco Talos' Systems Vulnerability Research Team discovered 231 vulnerabilities this year across a wide range of products. And thanks to our vendor partners, these vulnerabilities were patched and published before any attackers could exploit them. Mitigating possible zero-day breeches in your defenses is the easiest and fastest way to prevent wide-ranging and business-critical cyber attacks.

December 18, 2020

THREAT RESEARCH

Threat Roundup for December 11 to December 18

1 min read

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between December 11 and December 18. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how our customers are […]

December 17, 2020

THREAT RESEARCH

Talos Tools of the Trade

1 min read

If you’re looking for something to keep you busy while we’re all stuck inside during the holidays, Cisco Talos has a few tools for you you can play with in the coming days and weeks. We recently updated GhIDA to work with the latest version of IDA and we are releasing new features for the […]

December 14, 2020

THREAT RESEARCH

Threat Advisory: SolarWinds supply chain attack

1 min read

Cisco Talos is monitoring yesterday’s announcements by FireEye and Microsoft that a likely state-sponsored actor compromised potentially thousands of high-value government and private organizations around the world via the SolarWinds Orion product. FireEye reported on Dec. 8 that it had been compromised in a sophisticated attack in which state-sponsored actors stole sensitive red team tools. […]

December 11, 2020

THREAT RESEARCH

Threat Roundup for December 4 to December 11

1 min read

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between December 4 and December 11. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how our customers are […]

December 9, 2020

THREAT RESEARCH

FireEye Breach Detection Guidance

1 min read

Cyber security firm FireEye recently disclosed an incident that was reported to have resulted in the inadvertent disclosure of various internally developed offensive security tools (OSTs) that were used across FireEye red-team engagements. Some of these tools appear to be based on well-known offensive frameworks like Cobalt Strike. This is even evident in the naming […]

December 4, 2020

THREAT RESEARCH

Threat Roundup for November 27 to December 4

1 min read

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between November 27 and December 4. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how our customers are automatically […]