September 24, 2019


How Tortoiseshell created a fake veteran hiring website to host malware

1 min read

Cisco Talos discovered a threat actor attempting to take advantage of Americans who may be seeking a job, especially military veterans. Symantec had previously identified the actor as Tortoiseshell.

January 30, 2017


EyePyramid: An Archaeological Journey

1 min read

In the last few days, a malware sample named EyePyramid has received considerable attention, especially in Italy. The Italian police have arrested two suspects and also published a preliminary report of the investigation. This malware is notable due to the targeting of Italian celebrities and politicians. We conducted our analysis on one of the first public […]

December 14, 2015


Malware stealing gigabytes of your data as seen by Cognitive Threat Analytics

3 min read

This post is authored by Gayan de Silva and Martin Pospisil. Overview: Recently, about 50 users across 20 companies were alerted by Cisco Cognitive Threat Analytics (CTA) about...

May 2, 2014


Sensitive Data Exfiltration and the Insider

2 min read

The Insider Lifecycle: Traditional security is designed to keep outsiders from getting in. What happens when the enemy is an insider? A new paradigm must be explored, where the focus shifts inward and to how data is going outbound. Identifying anomalies in data exfiltration is critical to spotting the insider. The insider […]