TrickBot

November 20, 2020

THREAT RESEARCH

Threat Roundup for November 13 to November 20

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between November 13 and November 20. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how our customers are automatically […]

October 30, 2020

THREAT RESEARCH

Cisco Talos Advisory on Adversaries Targeting the Healthcare and Public Health Sector

Background Cisco Talos has become aware that an adversary is leveraging Trickbot banking trojan and Ryuk ransomware to target U.S. hospitals and healthcare providers at an increasing rate. Security journalists reported on October 28, 2020 that the adversary was preparing to encrypt systems at “potentially hundreds” of medical centers and hospitals, based on a tip from a […]

March 31, 2020

SECURITY

Trickbot: A primer

In recent years, the modular banking trojan known as Trickbot has evolved to become one of the most advanced trojans in the threat landscape. It has gone through a diverse set of changes since it was first discovered in 2016, including adding features that focus on Windows 10 and modules that target point of sale […]

March 6, 2020

SECURITY

Threat Roundup for February 28 to March 6

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between Feb 28 and Mar 6. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how our customers are […]

February 14, 2020

SECURITY

Threat Roundup for February 7 to February 14

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between Feb 7 and Feb 14. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how our customers are […]

February 7, 2020

SECURITY

Threat Roundup for January 31 to February 7

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between Jan 31 and Feb 7. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how our customers are […]

January 24, 2020

SECURITY

Threat Roundup for January 17 to January 24

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between Jan 17 and Jan 24. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how our customers are […]

January 17, 2020

SECURITY

Threat Roundup for January 10 to January 17

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between Jan 10 and Jan 17. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how our customers are […]

January 10, 2020

SECURITY

Threat Roundup for January 3 to January 10

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between Jan 3 and Jan 10. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how our customers are […]