Threat Research

LodaRAT Update: Alive and Well

Talos recently identified new versions of Loda RAT, a remote access trojan written in AutoIt. Not only have these versions abandoned their usual obfuscation techniques, several functions have been rewritten and new functionality has been added. In one

September 29, 2020 • 1 min read

Talos Group

Microsoft Netlogon exploitation continues to rise

Cisco Talos is tracking a spike in exploitation attempts against the Microsoft vulnerability CVE-2020-1472, an elevation of privilege bug in Netlogon, outlined in the August Microsoft Patch Tuesday report. The vulnerability stems from a flaw in a

September 28, 2020 • 1 min read

Talos Group

Threat Roundup for September 18 to September 25

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between September 18 and September 25. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the

September 25, 2020 • 1 min read

Talos Group

Threat Roundup for September 11 to September 18

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between September 11 and September 18. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the

September 18, 2020 • 1 min read

Talos Group

Threat Roundup for September 4 to September 11

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between September 4 and September 11. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the

September 11, 2020 • 1 min read

Talos Group

Threat Roundup for August 28 to September 4

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between August 28 and September 4. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the

September 4, 2020 • 1 min read

Talos Group

Salfram: Robbing the place without removing your name tag

Over the past several months, Cisco Talos has seen attackers carrying out ongoing email-based malware distribution campaigns to distribute various malware payloads. These email campaigns feature several notable characteristics that appear designed to

September 3, 2020 • 1 min read

Talos Group

Threat Roundup for August 21 to August 27

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between August 21 and August 27. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats

August 27, 2020 • 1 min read

Talos Group

Threat Roundup for August 14 to August 21

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between August 14 and August 21. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats

August 21, 2020 • 1 min read

Cisco Blogs

Threat Research

Our Favorite Topics:

Threat Research

LodaRAT Update: Alive and Well

Microsoft Netlogon exploitation continues to rise

Threat Roundup for September 18 to September 25

Threat Roundup for September 11 to September 18

Threat Roundup for September 4 to September 11

Threat Roundup for August 28 to September 4

Salfram: Robbing the place without removing your name tag

Threat Roundup for August 21 to August 27

Threat Roundup for August 14 to August 21