January 18, 2019

THREAT RESEARCH

Threat Roundup for Jan. 11 to Jan. 18

1 min read

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Jan. 11 and Jan. 18. As with previous roundups, this post isn't meant to be an...

January 17, 2019

THREAT RESEARCH

What we learned by unpacking a recent wave of Imminent RAT infections using AMP

1 min read

Cisco Talos has been tracking a series of Imminent RAT infections for the past two months following reported data from Cisco Advanced Malware Protection's (AMP) Exploit Prevention engine. AMP successfully...

January 15, 2019

THREAT RESEARCH

Emotet re-emerges after the holidays

1 min read

While Emotet has been around for many years and is one of the most well-known pieces of malware in the wild, that doesn't mean attackers don't try to freshen it...

January 15, 2019

THREAT RESEARCH

Vulnerability Deep Dive: TP-Link TL-R600VPN remote code execution vulnerabilities

1 min read

TP-Link recently patched three vulnerabilities in their TL-R600VPN gigabit broadband VPN router, firmware version 1.3.0. Cisco Talos publicly disclosed these issues after working with TP-Link to ensure...

January 10, 2019

THREAT RESEARCH

Pylocky Unlocked: Cisco Talos releases PyLocky ransomware decryptor

1 min read

PyLocky is a family of ransomware written in Python that attempts to masquerade as a Locky variant. This ransomware will encrypt all files on a victim machine before...

January 9, 2019

THREAT RESEARCH

Why we want users’ feedback on Snort rule documentation

1 min read

Today, Talos is launching a new community survey to solicit feedback on SNORT® documentation. When Snort alerts the end user, the rule documentation is their first and possibly only avenue...

January 9, 2019

THREAT RESEARCH

Microsoft Patch Tuesday — January 2019: Vulnerability disclosures and Snort coverage

1 min read

Microsoft released its monthly security update today, disclosing a variety of vulnerabilities in several of its products. The latest Patch Tuesday covers 49 vulnerabilities, seven of which are rated “critical,”...

January 2, 2019

THREAT RESEARCH

Vulnerability Spotlight: Multiple privilege escalation vulnerabilities in CleanMyMac X

1 min read

Tyler Bohan of Cisco Talos discovered several vulnerabilities in MacPaw’s CleanMyMac X software, a cleanup application for Mac operating systems that allows users to free up space on their machines.

December 21, 2018

THREAT RESEARCH

Threat Roundup for Dec. 14 to Dec. 21

1 min read

Summary of threats observed between December 14-21. Our customers are automatically protected from these threats, but we highlight key behavioral characteristics and indicators of compromise (not in-depth analysis).