Cisco Talos Intelligence Blog

May 5, 2022 08:05

Mustang Panda deploys a new wave of malware targeting Europe

* In February 2022, corresponding roughly with the start of the Russian Invasion of Ukraine, Cisco Talos began observing the China-based threat actor Mustang Panda conducting phishing campaigns against European entities, including Russian organizations. Some phishing messages co

March 29, 2022 08:03

Transparent Tribe campaign uses new bespoke malware to target Indian government officials

By Asheer Malhotra and Justin Thattil with contributions from Kendall McKay. * Cisco Talos has observed a new Transparent Tribe campaign targeting Indian government and military entities. While the actors are infecting victims with CrimsonRAT, their well-known malware of choi

May 13, 2021 08:05

Transparent Tribe APT expands its Windows malware arsenal

Transparent Tribe, also known as APT36 and Mythic Leopard, continues to create fake domains mimicking legitimate military and defense organizations as a core component of their operations. Cisco Talos’ previous research has mainly linked this group to CrimsonRAT, but new campaign

August 26, 2020 09:08

What to expect when you're electing: The building blocks of disinformation campaigns

By Nick Biasini, Kendall McKay and Matt Valites. Editor's note: Related reading on Talos election security research: * /what-to-expect-when-youre-electing * /election-roundtable-video * /what-to-expect-electing-disinformation-building-blocks As Cisco Talos discovered during