Divergent: “Fileless” NodeJS Malware Burrows Deep Within the Host
Cisco Talos recently discovered a new malware loader being used to deliver and infect systems with a previously undocumented malware payload called "Divergent."
How Tortoiseshell created a fake veteran hiring website to host malware
Cisco Talos discovered a threat actor attempting to take advantage of Americans who may be seeking a job, especially military veterans. Symantec had previously identified the actor as Tortoiseshell.
Emotet is back after a summer break
Emotet is still evolving, five years after its debut as a banking trojan. It is one of the world's most dangerous botnets and malware droppers-for-hire.
Cryptocurrency miners aren’t dead yet: Documenting the voracious but simple “Panda”
A new threat actor named “Panda” has generated thousands of dollars' worth of the Monero cryptocurrency through the use of remote access tools (RATs) and illicit cryptocurrency-mining malware.
Watchbog and the Importance of Patching
Cisco Incident Response (CSIRS) recently responded to an incident involving the Watchbog cryptomining botnet. By Luke DuCharme and Paul Lee.
Threat Roundup for August 30 to September 6
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Aug. 30 and Sep. 6.