angler

March 31, 2017

SECURITY

Cisco Securely Connects the Rio 2016 Olympic Games

2 min read

The Olympic Games represent the pinnacle of athleticism and excellence on the world stage like no other event. The scale of the preparation and production that goes into them is absolutely massive. That’s why providing connectivity and security to the 2016 Olympic Games in Rio was both a challenge and a great honor for Cisco. […]

May 3, 2016

THREAT RESEARCH

Angler Catches Victims Using Phish as Bait

1 min read

This post authored by Nick Biasini with contributions from Erick Galinkin. Exploit kits have been a recurring threat that we’ve discussed here on this blog as a method of driving users to maliciousness. Users typically encounter exploit kit landing pages through compromised websites and malvertising. However, we’ve found a new email twist to the standard […]

March 21, 2016

THREAT RESEARCH

Malware Word Search: Identifying Angler’s Dictionary

1 min read

This post authored by Steve Poulson with contributions from Nick Biasini. Exploit kits are constantly evolving and changing. We recently wrote about some subtle Angler changes but then Angler changed drastically on March 8. In this blog post, we will briefly cover these changes, examining different characteristics of the URL structure for Angler and the […]

March 1, 2016

THREAT RESEARCH

Angler Attempts to Slip the Hook

1 min read

This post was authored by Nick Biasini with contributions from Joel Esler and Melissa Taylor. Talos has discussed at length the sophistication of the Angler exploit kit. One thing that always makes Angler stand apart is the speed with which they develop and implement new techniques. Whether it’s domain shadowing, 302 cushioning, encrypted payloads, or […]

February 9, 2016

THREAT RESEARCH

Bedep Lurking in Angler’s Shadows

1 min read

This post is authored by Nick Biasini. In October 2015, Talos released our detailed investigation of the Angler Exploit Kit which outlined the infrastructure and monetary impact of an exploit kit campaign delivering ransomware. During the investigation we found that two thirds of Angler’s payloads were some variation of ransomware and noted one of the […]

January 20, 2016

SECURITY

The Value of Collaboration in Weakening Attackers

2 min read

Today’s attackers deploy complex and clever threats that are difficult to combat with just one method of defense. In some cases, defenders must go beyond tools for detecting attacks and devise a different approach for obstructing our adversaries’ ability to operate. As detailed in the Cisco 2016 Annual Security Report...

October 15, 2015

SECURITY

Angler for Beginners in 34 Seconds

3 min read

Post authored by Martin Rehak, Veronica Valeros, Martin Grill and Ivan Nikolaev. In order to complement the comprehensive information about the Angler exploit kit from our Talos colleagues [

October 6, 2015

THREAT RESEARCH

Threat Spotlight: Cisco Talos Thwarts Access to Massive International Exploit Kit Generating $60M Annually From Ransomwa …

3 min read

This post was authored by Nick Biasini with contributions from Joel Esler, Nick Hebert, Warren Mercer, Matt Olney, Melissa Taylor, and Craig Williams. Executive Summary: Today, Cisco struck a blow to a group of hackers, disrupting a significant international revenue stream generated by the notorious Angler Exploit Kit. Angler is one of the largest exploit kit […]

June 5, 2015

THREAT RESEARCH

Angler EK: More Obfuscation, Fake Extensions, and Other Nonsense

6 min read

This post was authored by Nick Biasini. Late last week Talos researchers noticed a drastic uptick in Angler Exploit Kit activity. We have covered Angler previously, such as the discussion of domain shadowing. This exploit kit evolves on an almost constant basis. However, the recent activity caught our attention due to a change to the URL […]