APT
Wiper Malware – A Detection Deep Dive
5 min read
This post was authored by Christopher Marczewski with contributions from Craig WIlliams *This blog post has been updated to include Command and Control IP addresses used by the malware. A new piece of wiper malware has received quite a bit of media attention. Despite all the recent press, Cisco’s Talos team has historic examples of […]
Cisco Coverage for ‘Regin’ Campaign
1 min read
This post was authored by Alex Chiu with contributions from Joel Esler. Advanced persistent threats are a problem that many companies and organizations of all sizes face. In the past two days, information regarding a highly targeted campaign known as ‘Regin’ has been publicly disclosed. The threat actors behind ‘Regin’ appear to be targeting organizations […]
Threat Spotlight: Group 72, Opening the ZxShell
17 min read
This post was authored by Andrea Allievi, Douglas Goddard, Shaun Hurley, and Alain Zidouemba. Recently, there was a blog post on the takedown of a botnet used by threat actor group known as Group 72 and their involvement in Operation SMN. This group is sophisticated, well funded, and exclusively targets high profile organizations with high […]
Threat Spotlight: Group 72
3 min read
This post is co-authored by Joel Esler, Martin Lee and Craig Williams Everyone has certain characteristics that can be recognised. This may be a way of walking, an accent, a turn of phrase or a style of dressing. If you know what to look for you can easily spot a friend or acquaintance in a […]
Threading the Needle on Privacy and Malware Protection
2 min read
We have been clear that we have a distinct approach to Advanced Malware Protection (AMP), specifically the unique way in which we leverage the compute and storage capabilities of the public cloud. Doing so enables us to do a great number of things to help customers more effectively fight malware, particularly when compared to traditional, […]
4