Cisco Talos Intelligence Blog

May 7, 2021 15:05

Lemon Duck spreads its wings: Actors target Microsoft Exchange servers, incorporate new TTPs

By Caitlin Huey and Andrew Windsor with contributions from Edmund Brumaghin. * Lemon Duck continues to refine and improve upon their tactics, techniques and procedures as they attempt to maximize the effectiveness of their campaigns. * Lemon Duck remains relevant as the operat

January 21, 2020 12:01

Breaking down a two-year run of Vivin’s cryptominers

News Summary * There is another large-scale cryptomining attack from an actor we are tracking as "Vivin" that has been active since at least November 2017. * "Vivin" has consistently evolved over the past few years, despite having poor operational security and exposing key det

July 12, 2018 15:07

Advanced Mobile Malware Campaign in India uses Malicious MDM

Summary Cisco Talos has identified a highly targeted campaign against 13 iPhones which appears to be focused on India. The attacker deployed an open-source mobile device management (MDM) system to control enrolled devices. At this time, we don't know how the attacker managed to