Threat of the Month
Explorations in the spam folder
Everyone has a spam folder. It’s often disregarded as a dark, bottomless pit for fake emails from FedEx, pharmacy offers, and introductory emails from women far too amorous to be anything but fantastical. You’d be right to largely ignore this folder. Yet each day new emails end up in it. Most of us…
Securing Industrial IoT
It’s hard to ignore the ubiquity of the internet of things (IoT). Even if you’re one of those holdouts that doesn’t own consumer IoT devices such as a smart speaker, internet-connected thermostat, or a smart watch, industrial IoT (IIoT) devices—a subset of the IoT landscape—are already playing a par…
Malvertising
Online advertising is an integral part of today’s internet experience. In many ways, ads are the lifeblood behind many websites, providing the necessary funding to keep sites running, as well as supporting the creation of new content. While it may appear as though the ads that are displayed are just…
Remote Access Trojans
You’re working for a high-profile technology company, close to releasing a market-changing product to the public. It’s a highly contested space, with many competitors, both domestic and international. There’s also a lot of buzz in the media and online speculation on the scope and impact your new pro…
Threats in encrypted traffic
There was a time when the web was open. Quite literally—communications taking place on the early web were not masked in any significant fashion. This meant that it was fairly trivial for a bad actor to intercept and read the data being transmitted between networked devices. This was especially troub…
DNS under attack
You’ve probably heard the stories by now: one of the fundamental technologies that keeps the internet working has recently become a regular target for attackers. Earlier this month, the UK’s National Cyber Security Centre released an advisory warning of DNS hijacking attacks across multiple regions…
Office 365 phishing
Let’s be honest: administering email is a pain. Routing issues, disk quotas, bouncebacks, the times when users can send but not receive emails, receive but not send, or they flat out cannot send or receive—the list goes on. It’s no wonder that email-hosting services like Office 365 have become so po…
Social media and black markets
You may think that cybercrime takes place in hidden corners of the Internet, where the malicious actors lurk in dark web forums and utilize heavily encrypted networks that require complicated software and extensive authorizations just to access. Unfortunately, that’s not always the case. Sometimes s…
Your money or your life: Digital extortion scams
There’s a particularly insidious type of targeted phishing scam that has grown in popularity since mid-2018. Our Cisco Talos researchers have been monitoring these scams, a few of which we’ll highlight here. As is the case with most phishing scams, they’re after your money, but it’s a departure from…
1