malware

June 23, 2017

THREAT RESEARCH

Threat Round-up for June 16 – June 23

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between June 16 and June 23. As with previous round-ups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavior c…

June 21, 2017

THREAT RESEARCH

Player 1 Limps Back Into the Ring – Hello again, Locky!

This post was authored by Alex Chiu, Warren Mercer, and Jaeson Schultz. Sean Baird and Matthew Molyett contributed to this post. Back in May, the Necurs spam botnet jettisoned Locky ransomware in favor of the new Jaff ransomware variant. However, earlier this month Kaspersky discovered a vulnerabil…

May 24, 2017

SECURITY

The light is green! But is it safe to go? Abusing users’ faith in HTTPS

This post was authored by Anna Shirokova and Ivan Nikolaev. John Smith had a lot of friends and liked to travel. One day he got an email that read: “Money has been sent to your PayPal account”. The sender appeared to be a person he met from a recent trip to Cape Town. John Smith was curious…

May 17, 2017

THREAT RESEARCH

Beers with Talos Podcast Now Available

The first episodes of Beers with Talos are now available on iTunes and directly on talosintelligence.com/podcasts. When Talos decided to make a threat intelligence podcast, we wanted to make it different than your typical buttoned-down, subdued security podcast. The BWT crew: Craig, Joel, Nigel,…

May 16, 2017

GOVERNMENT

WannaCry Type Ransomware a Growing Threat: 5 Easy Steps to Protect Your Agency

It all started harmlessly enough. A pleasant-sounding ping on her phone and a quick check of her email. But it then quickly descended into a weekend of worry. For people in both the public and private sector, cyber attack has become a potentially life-altering and seemingly unstoppable threat that i…

May 15, 2017

MANUFACTURING

WannaCry and Ransomware: How Manufacturers Can Reduce Risk

Friday, May 12 looked like a typical day for most folks as they went into work looking to finish off their day and head into the weekend. But as the day progressed, many organizations across the globe quickly realized that their TGIF was going to be spent dealing with a ransomware attack known as Wa…

May 3, 2017

THREAT RESEARCH

KONNI: A Malware Under The Radar For Years

Talos has discovered an unknown Remote Administration Tool that we believe has been in use for over 3 years. During this time it has managed to avoid scrutiny by the security community. The current version of the malware allows the operator to steal files, keystrokes, perform screenshots, and execut…

April 14, 2017

THREAT RESEARCH

Threat Round-up for Apr 7 – Apr 14

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between April 7 and April 14. As with previous round-ups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavior…

April 3, 2017

THREAT RESEARCH

Introducing ROKRAT

This blog was authored by Warren Mercer and Paul Rascagneres with contributions from Matthew Molyett. Executive Summary: A few weeks ago, Talos published research on a Korean MalDoc. As we previously discussed, this actor is quick to cover their tracks and very quickly cleaned up their compromised hos…