Cisco Talos

January 21, 2020

THREAT RESEARCH

Breaking down a two-year run of Vivin’s cryptominers

News Summary: There is another large-scale cryptomining attack from an actor we are tracking as “Vivin” that has been active since at least November 2017. “Vivin” has consistently evolved over the past few years, despite having poor operational security and exposing key detai…

January 17, 2020

THREAT RESEARCH

Threat Roundup for January 10 to January 17

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between Jan 10 and Jan 17. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral ch…

January 10, 2020

THREAT RESEARCH

Threat Roundup for January 3 to January 10

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between Jan 3 and Jan 10. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral cha…

December 19, 2019

SP360: SERVICE PROVIDER

If Cybersecurity Was a Christmas Dinner

A couple of years ago, my colleague Hazel released an inspiring blog post explaining an interesting analogy on Cisco’s approach to cybersecurity: if cybersecurity was a pizza. As I began to prepare for my festive feast, a similar analogy was cooking (ahem...) as I thought about how many elements the…

December 18, 2019

SECURITY

Combat Modern Day Plague in Security with Email Security and Cisco Threat Response Integration

In January 1900, the four-masted steamship S.S. Australia laid anchor in the Port of San Francisco. The ship sailed between Honolulu and San Francisco regularly, and its passengers and crew were declared clean. However, it is difficult to define what ‘clean’ was in the absence of parameters that cou…

December 17, 2019

THREAT RESEARCH

Incident Response Lessons From Recent Maze Ransomware Attacks

This post authored by JJ Cummings and Dave Liebenberg. This year, we have been flooded with reports of targeted ransomware attacks. Whether it’s a city, hospital, large- or medium-sized enterprise — they are all being targeted. These attacks can result in significant damage, cost, and have many diffe…

September 24, 2019

SECURITY

The Circus is Coming to Town and Why You Should Stay Away

We are entering the integrated era. You’ve probably noticed the recent headlines of a few one-trick ponies getting together to form their own three ring circus. These events underscore a paradigm shift that is underway – the security world is entering the integrated era. Nowadays, customers want co…

September 17, 2019

THREAT RESEARCH

Cryptocurrency miners aren’t dead yet: Documenting the voracious but simple “Panda”

By Christopher Evans and David Liebenberg. Executive summary: A new threat actor named “Panda” has generated thousands of dollars worth of the Monero cryptocurrency through the use of remote access tools (RATs) and illicit cryptocurrency-mining malware. This is far from the most sophisticated actor w…

August 26, 2019

PARTNER

Take bigger risks with the right trusted advisors

When I look back at all the chances I have taken in my life – moving to New York City out of college having never visited prior, to leaving that career with no direction of what was next, to joining Cisco back in 2012 having no technology background whatsoever. I ask myself what gave me the strength…