Cisco Talos Blog

October 11, 2017 12:11

Spoofed SEC Emails Distribute Evolved DNSMessenger

This post was authored by Edmund Brumaghin, Colin Grady, with contributions from Dave Maynor and @Simpo13. Executive Summary Cisco Talos previously published research into a targeted attack that leveraged an interesting infection process using DNS TXT records to create a bidir

July 5, 2017 14:22

The MeDoc Connection

Summary The Nyetya attack was a destructive ransomware variant that affected many organizations inside of Ukraine and multinational corporations with operations in Ukraine. In cooperation with Cisco Advanced Services Incident Response, Talos identified several key aspects of the