spam

May 28, 2020

SECURITY

Remote work and the threat landscape

This month, we decided to take a look at some of the trends we’ve seen in a shifting threat landscape, including attackers who are adapting their techniques to take advantage of new opportunities. When you understand what they’re doing, it’s easier to mount a better defense against new trends in the threat landscape. 

February 25, 2020

SECURITY

Explorations in the spam folder

Everyone has a spam folder. It’s often disregarded as a dark, bottomless pit for fake emails from FedEx, pharmacy offers, and introductory emails from women far too amorous to be anything but fantastical. You’d be right to largely ignore this folder. Yet each day new emails end up in it. Most of us have learned […]

April 5, 2019

THREAT RESEARCH

Hiding in Plain Sight

Talos has compiled a list of 74 groups on Facebook promising to carry out an array of cyber dirty deeds, and we are tracking their potential impact on Cisco customers.

February 20, 2019

THREAT RESEARCH

Combing Through Brushaloader Amid Massive Detection Uptick

Brushaloader is an evolving threat that is being actively developed and refined over time as attackers identify areas of improvement and add additional functionality. Ensure PowerShell logging is enabled and configured on endpoints.

February 4, 2019

THREAT RESEARCH

ExileRAT shares C2 with LuckyCat, targets Tibet

Cisco Talos recently observed a malware campaign delivering a malicious Microsoft PowerPoint document using a mailing list run by the Central Tibetan Administration (CTA), an organization officially representing the Tibetan government-in-exile....

December 14, 2018

THREAT RESEARCH

Bitcoin Bomb Scare Associated with Sextortion Scammers

This blog was written by Jaeson Schultz. Organizations across the country are on edge today after a flurry of phony bomb threats hit several public entities Thursday, such as universities,...

October 31, 2018

THREAT RESEARCH

Anatomy of a sextortion scam

By examining sextortion spam campaigns in detail, our researchers were able to understand how criminals operate, and to see why users were tricked into sending them bitcoin despite empty threats.

January 18, 2018

THREAT RESEARCH

The Many Tentacles of the Necurs Botnet

This post was written by Jaeson Schultz. Over the past five years the Necurs botnet has established itself as the largest purveyor of spam worldwide. Necurs is responsible for emailing massive amounts of banking malware, ransomware, dating spam, pump-n-dump stock scams, work from home schemes, and even cryptocurrency wallet credential phishing. Necurs sends so much […]

June 21, 2017

THREAT RESEARCH

Player 1 Limps Back Into the Ring – Hello again, Locky!

This post was authored by Alex Chiu, Warren Mercer, and Jaeson Schultz. Sean Baird and Matthew Molyett contributed to this post. Back in May, the Necurs spam botnet jettisoned Locky ransomware in favor of the new Jaff ransomware variant. However, earlier this month Kaspersky discovered a vulnerability within Jaff which allowed them to create a decryptor. […]