Threat Research
Sorpresa! JasperLoader targets Italy with a new bag of tricks
1 min read
Nick Biasini and Edmund Brumaghin authored this blog post. Executive summary: Over the past few months,...
Recent MuddyWater-associated BlackWater campaign shows signs of new anti-detection techniques
1 min read
This blog was authored by Danny Adamitis, David Maynor, and Kendall McKay. Executive summary: Cisco Talos assesses with moderate confidence that a campaign we recently...
Vulnerability Spotlight: Multiple bugs in several Jenkins plugins
1 min read
Jenkins is an open-source automation server written in Java. There are several plugins that exist to integrate Jenkins with other pieces of software, such as GitLab. Today, Cisco Talos is...
Threat Roundup for April 26 to May 3
1 min read
Talos lists ten of the most prevalent threats observed between April 26 and May 03, summarizing key behavioral characteristics, and discussing how our customers are automatically protected from these threats.
Qakbot levels up with new obfuscation techniques
1 min read
Qakbot, also known as Qbot, is a well-documented banking trojan that has been around since 2008. Recent Qakbot campaigns, however, are utilizing an updated persistence mechanism that can make it...
Sodinokibi Ransomware Exploits WebLogic Server Vulnerability
1 min read
Attackers are actively exploiting a recently disclosed vulnerability in Oracle WebLogic to install a new variant of ransomware called "Sodinokibi," which attempts to encrypt user data and then deletes shadow copy backups to make data recovery more difficult.
Threat Roundup for April 19 to April 26
1 min read
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Apr. 19 and Apr. 26. As with previous roundups, this post isn't meant to be an...
Vulnerability Spotlight: Multiple vulnerabilities in Sierra Wireless AirLink ES450
1 min read
Carl Hurd and Jared Rittle of Cisco Talos discovered these vulnerabilities. Executive summary: Several exploitable vulnerabilities exist in the Sierra Wireless AirLink ES450, an LTE gateway designed for distributed enterprise,...
JasperLoader Emerges, Targets Italy with Gootkit Banking Trojan
1 min read
Nick Biasini and Edmund Brumaghin authored this blog post with contributions from Andrew Williams. Introduction to JasperLoader: Malware loaders are playing an increasingly important role in malware distribution. They give...