threats

April 17, 2019

THREAT RESEARCH

DNS Hijacking Abuses Trust In Core Internet Service

This blog post discusses the technical details of a state-sponsored attack manipulating DNS systems. While this incident is limited to targeting primarily national security organizations in the Middle East and...

September 28, 2018

THREAT RESEARCH

Threat Roundup Sept 21 – 28

Today, as we do every week, Talos is giving you a glimpse into the most prevalent threats we’ve observed this week — covering the dates between Sept. 21 and 28....

September 22, 2018

THREAT RESEARCH

Threat Roundup for Sept 14 – 21

Today, as we do every week, Talos is giving you a glimpse into the most prevalent threats we’ve observed this week — covering the dates between Sept. 14 and 21....

July 26, 2018

SECURITY

Using machine learning to target threats

This blog post begins with a joke about two people in a forest and a bear. A bear appears out of nowhere and starts to chase these two guys during...

April 11, 2018

SECURITY

3 Non-Negotiables for an Effective Data Center Security & Workload Protection Strategy

We know that big data is big business… And the use of on-premises and public cloud infrastructure is growing, according to the Cisco 2018 Security Capabilities Benchmark...

April 14, 2017

THREAT RESEARCH

Threat Round-up for Apr 7 – Apr 14

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between April 7 and April 14. As with previous round-ups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavior characteristics, indicators of compromise, and how our customers are automatically […]

December 20, 2016

THREAT RESEARCH

IEC 104 Protocol Detection Rules

IEC 60870-5-104 Protocol Detection Rules. Cisco Talos has released 33 Snort rules which are used to analyze/inspect IEC 60870-5-104 network traffic. These rules will help Industrial Control Systems/Supervisory Control and...

November 18, 2014

THREAT RESEARCH

Reversing Multilayer .NET Malware

This post was authored by Dave McDaniel with contributions from Jaeson Schultz. Recently, we came across a malware sample that has been traversing the Internet disguised as an image of a woman. The malware sample uses several layers of obfuscation to hide its payload, including the use of steganography. Steganography is the practice of concealing […]

October 28, 2014

THREAT RESEARCH

Threat Spotlight: Group 72, Opening the ZxShell

This post was authored by Andrea Allievi, Douglas Goddard, Shaun Hurley, and Alain Zidouemba. Recently, there was a blog post on the takedown of a botnet used by the threat actor group known as Group 72 and their involvement in Operation SMN. This group is sophisticated, well funded, and exclusively targets high-profile organizations with high […]