Cisco Talos
Breaking down a two-year run of Vivin’s cryptominers
News Summary There is another large-scale cryptomining attack from an actor we are tracking as “Vivin” that has been active since at least November 2017. “Vivin” has consistently evolved over the past few years, despite having poor operational security and exposing key detai…
Threat Roundup for January 10 to January 17
Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between Jan 10 and Jan 17. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral ch…
Threat Roundup for January 3 to January 10
Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between Jan 3 and Jan 10. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral cha…
If Cybersecurity Was a Christmas Dinner
A couple of years ago, my colleague Hazel released an inspiring blog post explaining an interesting analogy on Cisco’s approach to cybersecurity: if cybersecurity was a pizza. As I began to prepare for my festive feast, a similar analogy was cooking (ahem..,) as I thought about how many elements the…
Combat Modern Day Plague in Security with Email Security and Cisco Threat Response Integration
In January 1900, the four-masted steamship S.S. Australia laid anchor in the Port of San Francisco. The ship sailed between Honolulu and San Francisco regularly, and its passengers and crew were declared clean. However, it is difficult to define what ‘clean’ was in the absence of parameters that cou…
Incident Response Lessons From Recent Maze Ransomware Attacks
This post authored by JJ Cummings and Dave Liebenberg This year, we have been flooded with reports of targeted ransomware attacks. Whether it’s a city, hospital, large- or medium-sized enterprise — they are all being targeted. These attacks can result in significant damage, cost, and have many diffe…
The Circus is Coming to Town and Why You Should Stay Away
We are entering the integrated era You’ve probably noticed the recent headlines of a few one-trick ponies getting together to form their own three ring circus. These events underscore a paradigm shift that is underway – the security world is entering the integrated era. Nowadays, customers want co…
Cryptocurrency miners aren’t dead yet: Documenting the voracious but simple “Panda”
By Christopher Evans and David Liebenberg. Executive summary A new threat actor named “Panda” has generated thousands of dollars worth of the Monero cryptocurrency through the use of remote access tools (RATs) and illicit cryptocurrency-mining malware. This is far from the most sophisticated actor w…
Take bigger risks with the right trusted advisors
When I look back at all the chances I have taken in my life – moving to New York City out of college having never visited prior, to leaving that career with no direction of what was next, to joining Cisco back in 2012 having no technology background whatsoever. I ask myself what gave me the strength…