Cisco Talos is seeing an increasing number of ransomware variants emerge, since 2021, leading to more frequent attacks and new challenges for cybersecurity professionals, particularly regarding actor attribution.
* In February 2022, corresponding roughly with the start of the Russian Invasion of Ukraine, Cisco Talos began observing the China-based threat actor Mustang Panda conducting phishing campaigns against European entities, including Russian organizations. Some phishing messages co
By Asheer Malhotra and Justin Thattil with contributions from Kendall McKay. * Cisco Talos has observed a new Transparent Tribe campaign targeting Indian government and military entities. While the actors are infecting victims with CrimsonRAT, their well-known malware of choi
Transparent Tribe, also known as APT36 and Mythic Leopard, continues to create fake domains mimicking legitimate military and defense organizations as a core component of their operations. Cisco Talos’ previous research has mainly linked this group to CrimsonRAT, but new campaign
By Nick Biasini, Kendall McKay and Matt Valites. Editor's note: Related reading on Talos election security research: * /what-to-expect-when-youre-electing * /election-roundtable-video * /what-to-expect-electing-disinformation-building-blocks As Cisco Talos discovered during