Threat Research
Fareit Spam: Rocking Out to a New File Type
1 min read
This post authored by Nick Biasini Talos is constantly monitoring the threat landscape including the email threat landscape. Lately this landscape has been dominated with Locky distribution. During a recent Locky vacation Talos noticed an interesting shift in file types being used to distribute another well known malware family, Fareit. We’ve discussed Fareit before, it’s […]
Sundown EK: You Better Take Care
1 min read
This post was authored by Nick Biasini Over the last six months the exploit kit landscape has seen some major changes. These changes began with Nuclear ceasing operations in April/May and arrests in Russia coinciding with the end of Angler in June. Recently, Neutrino has been added to the list of exploit kits that have […]
Want Tofsee My Pictures? A Botnet Gets Aggressive
1 min read
This post was authored by Edmund Brumaghin Summary Tofsee is multi-purpose malware that has been in existence for several years, operating since at least 2013. It features a number of modules that are used to carry out various activities such as sending spam messages, conducting click fraud, mining cryptocurrency, and more. Once infected, systems become […]
Talos ShadowGate Take Down: Global Malvertising Campaign Thwarted
1 min read
Yet another example of how organizations work together to stop threats affecting users around the globe.
Connecting the Dots Reveals Crimeware Shake-up
1 min read
This Post Authored by Nick Biasini For a couple of weeks in June the threat landscape was changed. Several high profile threats fell off the landscape, causing a shake-up that hadn’t been seen before. For a period of three weeks the internet was safer, if only for a short time. Still to date the Angler […]
Gotta be SWIFT for this Spam Campaign!
1 min read
Talos have observed a large uptick in the Zepto ransomware and have identified a method of distribution for the Zepto ransomware, Spam Email. Locky/Zepto continue to be well known ransomware variants and as such we will focus on the spam email campaign. We found 137,731 emails in the last 4 days using a new attachment […]
Angler Catches Victims Using Phish as Bait
1 min read
This post authored by Nick Biasini with contributions from Erick Galinkin. Exploit kits have been a recurring threat that we’ve discussed here on this blog as a method of driving users to maliciousness. Users typically encounter exploit kit landing pages through compromised websites and malvertising. However, we’ve found a new email twist to the standard […]
Threat Spotlight: Spin to Win…Malware
1 min read
This post was authored by Nick Biasini with contributions from Tom Schoellhammer and Emmanuel Tacheau The threat landscape is ever changing and adversaries are always working to find more efficient ways to compromise users. One of the many ways that users are driven to malicious content is through malicious advertisements known as malvertising. Talos has […]
The “Wizzards” of Adware
1 min read
Talos posted a blog, September 2015, which aimed to identify how often seemingly benign software can be rightly condemned for being a piece of malware. With this in mind, this blog presents an interesting piece of “software” which we felt deserved additional information disclosure. This software exhibits several questionable behaviors including: Attempts to detect sandboxes […]