Android

May 25, 2021

NETWORKING

If you can’t trust a MAC address, what can you trust?

3 min read

The concept of random and changing MAC addresses is not brand new, but is beginning to have a real impact on how network tools operate. The idea that operating system vendors are providing users with increasing privacy by making it harder for big corporations to track them is a double edged sword. How can networking tools continue to provide critical services such as network access control, guest and BYOD services in an environment where the identifier of the endpoint, the MAC address, is no longer stable.

October 29, 2020

THREAT RESEARCH

DoNot’s Firestarter abuses Google Firebase Cloud Messaging to spread

1 min read

The newly discovered Firestarter malware uses Google Firebase Cloud Messaging to notify its authors of the final payload location. Even if the command and control (C2) is taken down, the DoNot team can still redirect the malware to another C2 using Google infrastructure. The approach in the final payload upload denotes a highly personalized targeting […]

May 19, 2020

SECURITY

The Wolf Is Back…

1 min read

Cisco Talos has discovered a new Android malware based on a leak of the DenDroid malware family. We named this malware “WolfRAT” due to strong links between this malware (and the command and control (C2) infrastructure) and Wolf Research, an infamous organization that developed interception and espionage-based malware and was publicly described by CSIS during VirusBulletin […]

November 19, 2019

NETWORKING

Stay Connected in Digital Spaces with OpenRoaming

6 min read

Enabling customers, guests, and employees to automatically join wireless networks without passwords is good. Identifying their location, in real-time, to provide them with a personalized experience is even better.

April 9, 2019

THREAT RESEARCH

Gustuff banking botnet targets Australia

1 min read

Cisco Talos has uncovered a new Android-based campaign targeting Australian financial institutions. As the investigation progressed, Talos came to understand that this campaign was associated with the "ChristinaMorrow" text message...

February 4, 2019

THREAT RESEARCH

ExileRAT shares C2 with LuckyCat, targets Tibet

1 min read

Cisco Talos recently observed a malware campaign delivering malicious Microsoft PowerPoint document using a mailing list run by the Central Tibetan Administration (CTA), an organization officially representing the Tibetan government-in-exile....

November 5, 2018

THREAT RESEARCH

Persian Stalker pillages Iranian users of Instagram and Telegram

1 min read

State-sponsored actors have a number of different techniques at their disposal to remotely gain access to social media and secure messaging applications. Starting in 2017 and continuing through 2018, Cisco...

April 2, 2018

THREAT RESEARCH

Fake AV Investigation Unearths KevDroid, New Android Malware

1 min read

Talos identified two variants of the Android Remote Administration Tool (RAT) with the capability to steal information on the compromised device (contacts, SMS and phone history) and record phone calls.

October 13, 2015

COLLABORATION

The Mobile Workspace For Collaboration

3 min read

The first thing you may wonder is how can you have a mobile workspace. After all, the point of being mobile is that you can be anywhere and if you’re anywhere, you may not have a physical workspace. This means your accessories must also be mobile. They should fit in your pockets, or at least […]