May 23, 2019

THREAT RESEARCH

Sorpresa! JasperLoader targets Italy with a new bag of tricks

Nick Biasini and Edmund Brumaghin authored this blog post. Executive summary: Over the past few months,...

May 20, 2019

THREAT RESEARCH

Recent MuddyWater-associated BlackWater campaign shows signs of new anti-detection techniques

This blog was authored by Danny Adamitis, David Maynor, and Kendall McKay. Executive summary: Cisco Talos assesses with moderate confidence that a campaign we recently...

May 6, 2019

THREAT RESEARCH

Vulnerability Spotlight: Multiple bugs in several Jenkins plugins

Jenkins is an open-source automation server written in Java. There are several plugins that exist to integrate Jenkins with other pieces of software, such as GitLab. Today, Cisco Talos is...

May 3, 2019

THREAT RESEARCH

Threat Roundup for April 26 to May 3

Talos lists ten of the most prevalent threats observed between April 26 and May 03, summarizing key behavioral characteristics, and discussing how our customers are automatically protected from these threats.

May 2, 2019

THREAT RESEARCH

Qakbot levels up with new obfuscation techniques

Qakbot, also known as Qbot, is a well-documented banking trojan that has been around since 2008. Recent Qakbot campaigns, however, are utilizing an updated persistence mechanism that can make it...

April 30, 2019

THREAT RESEARCH

Sodinokibi Ransomware Exploits WebLogic Server Vulnerability

Attackers are actively exploiting a recently disclosed vulnerability in Oracle WebLogic to install a new variant of ransomware called "Sodinokibi," which attempts to encrypt user data and then deletes shadow copy backups to make data recovery more difficult.

April 26, 2019

THREAT RESEARCH

Threat Roundup for April 19 to April 26

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Apr. 19 and Apr. 26. As with previous roundups, this post isn't meant to be an...

April 25, 2019

THREAT RESEARCH

Vulnerability Spotlight: Multiple vulnerabilities in Sierra Wireless AirLink ES450

Carl Hurd and Jared Rittle of Cisco Talos discovered these vulnerabilities. Executive summary: Several exploitable vulnerabilities exist in the Sierra Wireless AirLink ES450, an LTE gateway designed for distributed enterprise,...

April 25, 2019

THREAT RESEARCH

JasperLoader Emerges, Targets Italy with Gootkit Banking Trojan

Nick Biasini and Edmund Brumaghin authored this blog post with contributions from Andrew Williams. Introduction to JasperLoader: Malware loaders are playing an increasingly important role in malware distribution. They give...