threat spotlight

April 27, 2015

THREAT RESEARCH

Threat Spotlight: TeslaCrypt – Decrypt It Yourself

7 min read

This post was authored by: Andrea Allievi, Earl Carter & Emmanuel Tacheau Update 4/28: Windows files recompiled with backward compatibility in Visual Studio 2008 Update 5/8: We’ve made the source code available via Github here Update 6/9/2016: We’ve released a tool to decrypt any TeslaCrypt Version After the takedown of Cryptolocker, we have seen the rise […]

April 20, 2015

THREAT RESEARCH

Threat Spotlight: Upatre – Say No to Drones, Say Yes to Malware

7 min read

This post was authored by Nick Biasini and Joel Esler Talos has observed an explosion of malicious downloaders in 2015 which we’ve documented on several occasions on our blog. These downloaders provide a method for attackers to push different types of malware to endpoint systems easily and effectively. Upatre is an example of a malicious […]

April 9, 2015

THREAT RESEARCH

Threat Spotlight: SSHPsychos

4 min read

This post was authored by Nick Biasini, Matt Olney, & Craig Williams   Introduction Talos has been monitoring a persistent threat for quite some time, a group we refer to as SSHPsychos or Group 93. This group is well known for creating significant amounts of scanning traffic across the Internet. Although our research efforts help […]

April 6, 2015

THREAT RESEARCH

Threat Spotlight: Spam Served With a Side of Dridex

5 min read

This post was authored by Nick Biasini with contributions from Kevin Brooks Overview The use of macro enabled word documents has exploded over the last year, a primary example payload being Dridex. Last week, Talos researchers identified another short lived spam campaign that was delivering a new variant of Dridex. This particular campaign lasted less than […]

September 22, 2014

THREAT RESEARCH

Threat Spotlight: “Kyle and Stan” Malvertising Network 9 Times Larger Than Expected

3 min read

This post was authored by Armin Pelkmann. On September 8th, Cisco’s Talos Security Intelligence & Research Group unveiled the existence of the “Kyle and Stan” Malvertisement Network. The network was responsible for placing malicious advertisements on big websites like amazon.com, ads.yahoo.com, www.winrar.com, youtube.com and 70 other domains. As it turns out, this was just the tip of the iceberg. Ongoing research now reveals […]

September 8, 2014

THREAT RESEARCH

Threat Spotlight: “Kyle and Stan” Malvertising Network Threatens Windows and Mac Users With Mutating Malware

9 min read

This post was authored by Shaun Hurley, David McDaniel and Armin Pelkmann. Update 2014-09-22: Updates on this threat can be found here Have you visited amazon.com, ads.yahoo.com, www.winrar.com, youtube.com, or any of the 74 domains listed below lately? If the answer is yes, then you may have been a victim to the “Kyle and Stan” […]