Threat of the Month

February 25, 2020

SECURITY

Explorations in the spam folder

Everyone has a spam folder. It’s often disregarded as a dark, bottomless pit for fake emails from FedEx, pharmacy offers, and introductory emails from women far too amorous to be anything but fantastical. You’d be right to largely ignore this folder. Yet each day new emails end up in it. Most of us…

January 29, 2020

SECURITY

Securing Industrial IoT

It’s hard to ignore the ubiquity of the internet of things (IoT). Even if you’re one of those holdouts that doesn’t own consumer IoT devices such as a smart speaker, internet-connected thermostat, or a smart watch, industrial IoT (IIoT) devices—a subset of the IoT landscape—are already playing a par…

November 25, 2019

SECURITY

Malvertising

Online advertising is an integral part of today’s internet experience. In many ways, ads are the lifeblood behind many websites, providing the necessary funding to keep sites running, as well as supporting the creation of new content. While it may appear as though the ads that are displayed are just…

October 30, 2019

SECURITY

Remote Access Trojans

You’re working for a high-profile technology company, close to releasing a market-changing product to the public. It’s a highly contested space, with many competitors, both domestic and international. There’s also a lot of buzz in the media and online speculation on the scope and impact your new pro…

September 30, 2019

SECURITY

Threats in encrypted traffic

There was a time when the web was open. Quite literally—communications taking place on the early web were not masked in any significant fashion. This meant that it was fairly trivial for a bad actor to intercept and read the data being transmitted between networked devices. This was especially troub…

July 25, 2019

SECURITY

DNS under attack

You’ve probably heard the stories by now: one of the fundamental technologies that keeps the internet working has recently become a regular target for attackers. Earlier this month, the UK’s National Cyber Security Centre released an advisory warning of DNS hijacking attacks across multiple regions…

May 29, 2019

SECURITY

Office 365 phishing

Let’s be honest: administering email is a pain. Routing issues, disk quotas, bouncebacks, the times when users can send but not receive emails, receive but not send, or they flat out cannot send or receive—the list goes on. It’s no wonder that email-hosting services like Office 365 have become so po…

April 5, 2019

SECURITY

Social media and black markets

You may think that cybercrime takes place in hidden corners of the Internet, where the malicious actors lurk in dark web forums and utilize heavily encrypted networks that require complicated software and extensive authorizations just to access. Unfortunately, that’s not always the case. Sometimes s…

March 14, 2019

SECURITY

Your money or your life: Digital extortion scams

There’s a particularly insidious type of targeted phishing scam that has grown in popularity since mid-2018. Our Cisco Talos researchers have been monitoring these scams, a few of which we’ll highlight here. As is the case with most phishing scams, they’re after your money, but it’s a departure from…