clamAV

January 31, 2017

THREAT RESEARCH

Cisco Coverage for Shamoon 2

Shamoon is a type of destructive malware that has been previously associated with attacks against the Saudi Arabian energy sector we’ve been tracking since 2012. We’ve observed that a variant of Shamoon, identified as Shamoon 2, has recently been used against several compromised organiza…

February 18, 2015

THREAT RESEARCH

Equation Coverage

Cisco Talos is aware of the public discourse surrounding the malware family dubbed “The Equation Family”. As of February 17th the following rules (33543 – 33546 MALWARE-CNC Win.Trojan.Equation) were released to detect the Equation Family traffic. These rules may be found in the Cisco FireSIGHT…

November 24, 2014

THREAT RESEARCH

Cisco Coverage for ‘Regin’ Campaign

This post was authored by Alex Chiu with contributions from Joel Esler. Advanced persistent threats are a problem that many companies and organizations of all sizes face.  In the past two days, information regarding a highly targeted campaign known as ‘Regin’ has been publicly disclosed.  The threat…

January 23, 2014

SECURITY

Fiesta Exploit Pack is No Party for Drive-By Victims

This post was also authored by Andrew Tsonchev and Steven Poulson. Update 2014-05-26: Thank you to Fox-IT for providing the Fiesta logo image. We updated the caption to accurately reflect image attribution. Cisco’s Cloud Web Security (CWS) service provides TRAC researchers with a constant fire hose…

December 4, 2013

SECURITY

The Internet of Everything, Including Malware

We are witnessing the growth of the Internet of Everything (IoE), the network of embedded physical objects accessed through the Internet, and it’s connecting new devices to the Internet which may not traditionally have been there before. Unfortunately, some of these devices may be deployed with a se…