Gandcrab Ransomware Walks its Way onto Compromised Sites
While we've seen cryptocurrency miners overtake ransomware as the most popular malware on the threat landscape, Gandcrab is proof that ransomware can still strike at any time.
Threat Research
Critical Infrastructure at Risk: Advanced Actors Target Smart Install Client
Cisco has recently become aware of specific advanced actors targeting Cisco switches by leveraging a protocol misuse issue in the Cisco Smart Install Client.
Olympic Destroyer Takes Aim At Winter Olympics
The Winter Olympics this year is being held in Pyeongchang, South Korea. The Guardian, a UK Newspaper reported an article that suggested the Olympic computer systems suffered technical issues during...
Threat Spotlight: Follow the Bad Rabbit
Note: This blog post discusses active research by Talos into a new threat. This information should be considered preliminary and will be updated as research continues. On October 24, 2017, Cisco Talos was alerted to a widescale ransomware campaign
CCleaner Command and Control Causes Concern
This post was authored by Edmund Brumaghin, Earl Carter, Warren Mercer, Matthew Molyett, Matthew Olney, Paul Rascagneres and Craig Williams. Note: This blog post discusses active research by Talos into a new threat. This information should be
Threat Round Up for Sept 8 – Sept 15
Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between September 08 and September 15. As with previous round-ups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the
Another Apache Struts Vulnerability Under Active Exploitation
This post authored by Nick Biasini with contributions from Alex Chiu. Earlier this week, a critical vulnerability in Apache Struts was publically disclosed in a security advisory. This new vulnerability, identified as CVE-2017-9805, manifests due to
Taking the FIRST look at Crypt0l0cker
This post is authored by Matthew Molyett. Executive Summary In March, Talos reported on the details of Crypt0l0cker based on an extensive analysis I carried out on the sample binaries. Binaries — plural — because, as noted in the original
New Ransomware Variant “Nyetya” Compromises Systems Worldwide
Note: This blog post discusses active research by Talos into a new threat. This information should be considered preliminary and will be updated as research continues. For the most current info, please read our full blog on TalosIntelligence.com.