-
One year later: The VPNFilter catastrophe that wasn’t
Threat Research
One year ago, Cisco Talos first disclosed the existence of VPNFilter on May 23, 2018. The malware made headlines across the globe, as it was a sophisticated piece of malware…
Read More
-
Recent MuddyWater-associated BlackWater campaign shows signs of new anti-detection techniques
Threat ResearchThis blog was authored by Danny Adamitis, David Maynor, and Kendall McKay Executive summary Cisco Talos assesses with moderate confidence that a campaign we recently…
Read More
-
![]()
TLS Fingerprinting in the Real World
Security
To protect your data, you must understand the traffic on your network.
Read More
-
![]()
JasperLoader Emerges, Targets Italy with Gootkit Banking Trojan
Threat ResearchNick Biasini and Edmund Brumaghin authored this blog post with contributions from Andrew Williams. Introduction to JasperLoader Malware loaders are playing an increasingly important role in malware distribution. They give…
Read More
-
![]()
DNSpionage brings out the Karkoff
Threat ResearchIn November 2018, Cisco Talos discovered an attack campaign, called DNSpionage, in which threat actors created a new remote administrative tool that supports HTTP and DNS communication with the attackers’…
Read More
-
![]()
Email – From Novelty to Nefarious
Security
How a revolutionary technology was usurped for evil, and what we can do about it Since its inception, email has gone from a novelty, to a necessity, to at…
Read More
-
![]()
Ransomware or Wiper? LockerGoga Straddles the Line
Threat ResearchLockerGoga is a ransomware variant that, while lacking sophistication, can still cause extensive damage to organizations or individuals. Talos has also seen wiper malware impersonate ransomware, such as NotPetya.
Read More
-
![]()
GlitchPOS: New PoS malware for sale
Threat ResearchWarren Mercer and Paul Rascagneres authored this post with contributions from Ben Baker. Executive summary Point-of-sale malware is popular among attackers, as it usually leads to them obtaining credit card…
Read More
-
![]()
Combing Through Brushaloader Amid Massive Detection Uptick
Threat ResearchBrushaloader is an evolving threat that is being actively developed and refined over time as attackers identify areas of improvement and add additional functionality. Ensure PowerShell logging is enabled and
Read More
-
![]()
ExileRAT shares C2 with LuckyCat, targets Tibet
Threat ResearchCisco Talos recently observed a malware campaign delivering malicious Microsoft PowerPoint document using a mailing list run by the Central Tibetan Administration (CTA), an organization officially representing the Tibetan government-in-exile….
Read More
malware
-
Connect with Cisco Blogs
