Cisco Talos Intelligence Blog

August 22, 2023 05:08

Generating FLIRT signatures for Nim and other non-C programming languages

Cisco Talos is excited to announce a new project to find an automated way to generate custom FLIRT signatures for IDA.

February 14, 2023 13:02

Microsoft Patch Tuesday for February 2023 — Snort rules and prominent vulnerabilities

Microsoft released its monthly security update on Tuesday, disclosing 73 vulnerabilities. Of these vulnerabilities, 8 are classified as “Critical”, 64 are classified as “Important”, one vulnerability is classified as “Moderate.” According to Microsoft none of the vulnerabilities

January 10, 2023 14:01

Microsoft Patch Tuesday for January 2023 — Snort rules and prominent vulnerabilities

Microsoft released its monthly security update on Tuesday, disclosing 101 vulnerabilities. Of these vulnerabilities, 11 are classified as “Critical”, 89 are classified as “Important”, no vulnerability classified as “Moderate.”

May 18, 2022 02:05

The BlackByte ransomware group is striking users all over the globe

News summary * Cisco Talos has been monitoring the BlackByte Ransomware Group for several months, infecting victims all over the world, from North America to Colombia, Netherlands, China, Mexico and Vietnam. * The FBI released a joint cybersecurity advisory in February 2022 wa

May 11, 2022 10:05

The BlackByte ransomware group is striking users all over the globe

News summary * Cisco Talos has been monitoring the BlackByte Ransomware Group for several months, infecting victims all over the world, from North America to Colombia, Netherlands, China, Mexico and Vietnam. * The FBI released a joint cybersecurity advisory in February 2022 wa

September 21, 2021 08:09

TinyTurla - Turla deploys new malware to keep a secret backdoor on victim machines

News summary * Cisco Talos recently discovered a new backdoor used by the Russian Turla APT group. * We have seen infections in the U.S., Germany and, more recently, in Afghanistan. * It is likely used as a stealth second-chance backdoor to keep access to infected devices *

March 31, 2021 09:03

Cheating the cheater: How adversaries are using backdoored video game cheat engines and modding tools

By Nick Lister and Holger Unterbrink, with contributions from Vanja Svajcer. News summary * Cisco Talos recently discovered a new campaign targeting video game players and other PC modders. * Talos detected a new cryptor used in several different malware campaigns hidden

January 6, 2021 09:01

A Deep Dive into Lokibot Infection Chain

By Irshad Muhammad, with contributions from Holger Unterbrink. News summary * Lokibot is one of the most well-known information stealers on the malware landscape. In this post, we'll provide a technical breakdown of one of the latest Lokibot campaigns. * Talos also has a n

December 17, 2020 09:12

Talos tools of the trade

By Andrea Marcelli and Holger Unterbrink. If you're looking for something to keep you busy while we're all stuck inside during the holidays, Cisco Talos has a few tools for you you can play with in the coming days and weeks. We recently updated GhIDA to work with the latest ve