worm

January 14, 2019

SECURITY

SMB and the return of the worm

Watch the threat landscape long enough, and you’ll see that some things are cyclical. Threat types and attack methods fall in and out of fashion. As the use of one vector declines, another increases in popularity. Take network shares for instance—the technology that allows users to share files and f…

October 29, 2018

GOVERNMENT

Cybersecurity: A spooky tech-tale for Halloween

In the world of government cybersecurity, ghosts and goblins often take a different form. An innocent looking email, a nondescript USB drive, or even a seemingly helpful bot. Each can serve as a harbinger of doom, delivering destructive malware that leaves your network in disarray. So as the ghosts…

August 25, 2015

THREAT RESEARCH

Malware Meets SysAdmin – Automation Tools Gone Bad

This post was authored by Alex Chiu and Xabier Ugarte Pedrero. Talos recently spotted a targeted phishing attack with several unique characteristics that are not normally seen. While we monitor phishing campaigns used to distribute threats such as Dridex, Upatre, and Cryptowall, targeted phishing at…

September 30, 2014

THREAT RESEARCH

Shellshock Exploits in the Wild

This post was authored by Joel Esler & Martin Lee. The recently discovered Bash vulnerability (CVE-2014-6271) potentially allows attackers to execute code on vulnerable systems. We have already blogged about the issue and provided more technical detail in a further blog. The rapid release of IP…

September 25, 2014

THREAT RESEARCH

Another Major Vulnerability Bashes Systems

Vulnerabilities that permit remote network attacks against ubiquitous software components are the nightmares of security professionals. On 24 September the presence of a new vulnerability, CVE-2014-6271 in Bash shell allowing remote code execution was disclosed.…