malware

February 20, 2019

THREAT RESEARCH

Combing Through Brushaloader Amid Massive Detection Uptick

Nick Biasini and Edmund Brumaghin authored this blog post with contributions from Matthew Molyett. Executive Summary: Over the past several months, Cisco Talos has been monitoring various malware distribution campaigns leveraging the malware loader Brushaloader to deliver malware payloads to systems…

February 4, 2019

THREAT RESEARCH

ExileRAT shares C2 with LuckyCat, targets Tibet

Cisco Talos recently observed a malware campaign delivering a malicious Microsoft PowerPoint document using a mailing list run by the Central Tibetan Administration (CTA), an organization officially representing the Tibetan government-in-exile. The document used in the attack was a PPSX file, a file f…

January 17, 2019

THREAT RESEARCH

What we learned by unpacking a recent wave of Imminent RAT infections using AMP

This blog post was authored by Chris Marczewski. Cisco Talos has been tracking a series of Imminent RAT infections for the past two months following reported data from Cisco Advanced Malware Protection’s (AMP) Exploit Prevention engine. AMP successfully stopped the malware before it was able to…

December 18, 2018

SECURITY

Threat Hunting for the Holidays

How to stop the ‘Grinch’ from breaking your endpoint defenses You’re gearing up for the holidays. But then your phone rings – it’s your manager. He just heard the news that another malware strain is on the loose. Just like the Grinch, it is a ‘mean one,’ posing a vicious threat to the security of co…

November 5, 2018

THREAT RESEARCH

Persian Stalker pillages Iranian users of Instagram and Telegram

State-sponsored actors have a number of different techniques at their disposal to remotely gain access to social media and secure messaging applications. Starting in 2017 and continuing through 2018, Cisco Talos has seen different techniques being used to attack users and steal their private informa…

October 29, 2018

GOVERNMENT

Cybersecurity: A spooky tech-tale for Halloween

In the world of government cybersecurity, ghosts and goblins often take a different form. An innocent looking email, a nondescript USB drive, or even a seemingly helpful bot. Each can serve as a harbinger of doom, delivering destructive malware that leaves your network in disarray. So as the ghosts…

September 22, 2018

THREAT RESEARCH

Threat Roundup for Sept 14 – 21

Today, as we do every week, Talos is giving you a glimpse into the most prevalent threats we’ve observed this week — covering the dates between Sept. 14 and 21. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, we will summarize the threats we’ve observed by highl…

September 13, 2018

SECURITY

In Pursuit of Invisibility: Fileless Malware

I recently heard a news story about a survey in which people were asked whether they would prefer the ability to fly or to be invisible. Sure, it was a silly question*, but it was interesting to hear why people made their choices. The majority chose flight. What really fascinated me was that the sur…

June 28, 2018

GOVERNMENT

The big myth about security patch management

“If we had just kept our systems patched, the malware wouldn’t have been a problem.” After every major breach you usually hear those words echoed across news media. You might even pause for a moment and tell yourself that if the victims had just patched their systems, they would have bee…