Talos

November 20, 2020

THREAT RESEARCH

Threat Roundup for November 13 to November 20

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between November 13 and November 20. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how our customers are automatically […]

November 17, 2020

THREAT RESEARCH

Nibiru ransomware variant decryptor

Nikhil Hegde developed this tool. Weak encryption: The Nibiru ransomware is a .NET-based malware family. It traverses directories in the local disks, encrypts files with Rijndael-256 and gives them a .Nibiru extension. Rijndael-256 is a secure encryption algorithm. However, Nibiru uses a hard-coded string “Nibiru” to compute the 32-byte key and 16-byte IV values. The […]

November 13, 2020

THREAT RESEARCH

Threat Roundup for November 6 to November 13

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between November 6 and November 13. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how our customers are automatically […]

November 6, 2020

THREAT RESEARCH

Threat Roundup for October 30 to November 6

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between October 30 and November 6. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how our customers are […]

October 30, 2020

THREAT RESEARCH

Threat Roundup for October 23 to October 30

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between October 23 and October 30. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how our customers are […]

October 29, 2020

THREAT RESEARCH

DoNot’s Firestarter abuses Google Firebase Cloud Messaging to spread

The newly discovered Firestarter malware uses Google Firebase Cloud Messaging to notify its authors of the final payload location. Even if the command and control (C2) is taken down, the DoNot team can still redirect the malware to another C2 using Google infrastructure. The approach in the final payload upload denotes a highly personalized targeting […]

October 23, 2020

THREAT RESEARCH

Threat Roundup for October 16 to October 23

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between October 16 and October 23. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how our customers are […]

October 23, 2020

CUSTOMER EXPERIENCE

3 Ways to Stay Safe During National Cybersecurity Awareness Month (and Beyond)

Organizations must remain constantly alert to detect and defend against the latest cybersecurity threats. Taking basic protection steps can go a long way in reducing vulnerabilities.

October 23, 2020

SECURITY

“Are we affected?” – A simple question, but quite hard to answer

Who doesn’t remember the simple questions you had as a kid, or you now get as an adult from your children: “Why is the banana crooked?” “Why is the sky blue?” “Why do people get sick?” That last question is especially relevant today with the current situation – we deal daily with the question “Am […]