exfiltration

Cisco Talos recently discovered a threat actor attempting to take advantage of Americans who may be seeking a job, especially military veterans. The actor, previously identified by Symantec as Tortoiseshell, deployed a website called hxxp://hiremilitaryheroes[.]com that posed as a website to help U.…

The few last days, a malware sample named EyePyramid has received considerable attention, especially in Italy. The Italian police have arrested two suspects and also published a preliminary report of the investigation. This malware is notable due to the targeting of Italian celebrities and politicia…

This post is authored by Gayan de Silva and Martin Pospisil. Overview Recently, about 50 users across 20 companies were alarmed by the Cisco Cognitive Threat Analytics (CTA) about a malware that exfiltrates gigabytes of data from their computers. An example of such CTA detection: In addition to the…

The Insider Lifecycle Traditional security is designed to keep outsiders from getting in. What happens when the enemy is an insider? A new paradigm must be explored, where the focus needs to shift inward and how data is going outbound. Identifying anomalies in data exfiltration is critical to how to…