Cisco Talos

News Summary There is another large-scale cryptomining attack from an actor we are tracking as “Vivin” that has been active since at least November 2017. “Vivin” has consistently evolved over the past few years, despite having poor operational security and exposing key detai…

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between Jan 10 and Jan 17. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral ch…

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between Jan 3 and Jan 10. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral cha…

A couple of years ago, my colleague Hazel released an inspiring blog post explaining an interesting analogy on Cisco’s approach to cybersecurity: if cybersecurity was a pizza. As I began to prepare for my festive feast, a similar analogy was cooking (ahem..,) as I thought about how many elements the…

In January 1900, the four-masted steamship S.S. Australia laid anchor in the Port of San Francisco. The ship sailed between Honolulu and San Francisco regularly, and its passengers and crew were declared clean. However, it is difficult to define what ‘clean’ was in the absence of parameters that cou…

This post authored by JJ Cummings and Dave Liebenberg This year, we have been flooded with reports of targeted ransomware attacks. Whether it’s a city, hospital, large- or medium-sized enterprise — they are all being targeted. These attacks can result in significant damage, cost, and have many diffe…

We are entering the integrated era You’ve probably noticed the recent headlines of a few one-trick ponies getting together to form their own three ring circus.  These events underscore a paradigm shift that is underway – the security world is entering the integrated era.  Nowadays, customers want co…

By Christopher Evans and David Liebenberg. Executive summary A new threat actor named “Panda” has generated thousands of dollars worth of the Monero cryptocurrency through the use of remote access tools (RATs) and illicit cryptocurrency-mining malware. This is far from the most sophisticated actor w…

When I look back at all the chances I have taken in my life – moving to New York City out of college having never visited prior, to leaving that career with no direction of what was next, to joining Cisco back in 2012 having no technology background whatsoever. I ask myself what gave me the strength…