A Deep Dive into Lokibot Infection Chain
News summary Lokibot is one of the most well-known information stealers on the malware landscape. In this post, we’ll provide a technical breakdown of one of the latest Lokibot campaigns. Talos also has a new script to unpack the dropper’s third stage. The actors behind Lokibot usually have the ability to steal multiple types of […]
Three Reasons to Upgrade Your Legacy AV/Endpoint Security
Most technology from the ‘80s – ‘90s (portable CD players, floppy disks, 2G flip phones) did not survive the digital evolution. One technology did survive, however... Legacy antivirus (AV).
RATs and stealers rush through “Heaven’s Gate” with new loader
Malware is constantly finding new ways to avoid detection. This doesn't mean that some will never be detected, but it does allow adversaries to increase the period of time between...
Cisco Security at Work: Threatwall at Mobile World Congress 2019
The Threatwall is a live display of threats on open conference wireless networks wherever it is deployed, such as Cisco Live or WMC, providing valuable insights on network traffic trends.
Old dog, new tricks – Analysing new RTF-based campaign distributing Agent Tesla, Loki with PyREbox
This blog post was authored by Edmund Brumaghin and Holger Unterbrink with contributions from Emmanuel Tacheau. Executive Summary Cisco Talos has discovered a new malware campaign...
From the Trenches: 5 Ways Customers are Improving Security with Cisco AMP for Endpoints
Does this sound like a day in your IT security life? Wake up, get coffee, drive to work, and battle an almost constant onslaught of attacks, while playing whack-a-mole with too many alerts. If so, we get it. You never know where the next attack will come from. And you’re probably on to the fact […]