Talos

October 29, 2020

THREAT RESEARCH

DoNot’s Firestarter abuses Google Firebase Cloud Messaging to spread

The newly discovered Firestarter malware uses Google Firebase Cloud Messaging to notify its authors of the final payload location. Even if the command and control (C2) is taken down, the DoNot team can still redirect the malware to another C2 using Google infrastructure. The approach in the final payload upload denotes a highly personalized targeting […]

October 23, 2020

THREAT RESEARCH

Threat Roundup for October 16 to October 23

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between October 16 and October 23. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how our customers are […]

October 23, 2020

CISCO SERVICES (CX)

3 Ways to Stay Safe During National Cybersecurity Awareness Month (and Beyond)

Organizations must remain constantly alert to detect and defend against the latest cybersecurity threats. Taking basic protection steps can go a long way in reducing vulnerabilities.

October 23, 2020

SECURITY

“Are we affected?” – A simple question, but quite hard to answer

Who doesn’t remember the simple questions you had as a kid, or you now get as an adult from your children: “Why is the banana crooked?” “Why is the sky blue” “Why do people get sick?” That last question is especially relevant today with the current situation – we deal daily with the question “Am […]

October 16, 2020

THREAT RESEARCH

Threat Roundup for October 9 to October 16

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between October 9 and October 16. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how our customers are […]

October 9, 2020

THREAT RESEARCH

Threat Roundup for October 2 to October 9

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between September 25 and October 2. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how our customers are […]

October 6, 2020

THREAT RESEARCH

90 days, 16 bugs, and an Azure Sphere Challenge

Cisco Talos reports 16 vulnerabilities in Microsoft Azure Sphere’s sponsored research challenge. By Claudio Bozzato and Lilith [-_-]; and Dave McDaniel.   On May 15, 2020, Microsoft kicked off the Azure Sphere Security Research Challenge, a three-month initiative aimed at finding bugs in Azure Sphere. Among the teams and individuals selected, Cisco Talos conducted a […]

October 2, 2020

THREAT RESEARCH

Threat Roundup for September 25 to October 2

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between September 25 and October 2. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how our customers are […]

September 29, 2020

THREAT RESEARCH

LodaRAT Update: Alive and Well

Talos recently identified new versions of Loda RAT, a remote access trojan written in AutoIt. Not only have these versions abandoned their usual obfuscation techniques, several functions have been rewritten and new functionality has been added. In one version, a hex-encoded PowerShell keylogger script has been added, along with a new VB script, only to […]