Cisco Talos Intelligence Blog

May 10, 2023 08:05

New phishing-as-a-service tool “Greatness” already seen in the wild

Greatness incorporates features seen in some of the most advanced PaaS offerings, such as multi-factor authentication (MFA) bypass, IP filtering and integration with Telegram bots.

December 8, 2022 14:12

Breaking the silence - Recent Truebot activity

Since August 2022, we have seen an increase in infections of Truebot (aka Silence.Downloader) malware. Truebot was first identified in 2017 and researchers have linked it to a threat actor called Silence Group that is responsible for several high-impact attacks on financial insti

July 12, 2022 13:07

Microsoft Patch Tuesday for July 2022 — Snort rules and prominent vulnerabilities

Microsoft released its monthly security update Tuesday, disclosing more than 80 vulnerabilities in the company’s various software, hardware and firmware offerings, including one that’s actively being exploited in the wild. July's security update features three critical vulnerabi

March 17, 2022 07:03

From BlackMatter to BlackCat: Analyzing two attacks from one affiliate

* BlackCat is a recent and growing ransomware-as-a-service (RaaS) group that targeted several organizations worldwide over the past few months. * There are rumors of a relationship between BlackCat and the BlackMatter/DarkSide ransomware groups, infamous for attacking the Colon

December 2, 2021 07:12

Magnat campaigns use malvertising to deliver information stealer, backdoor and malicious Chrome extension

By Tiago Pereira. * Talos recently observed a malicious campaign offering fake installers of popular software as bait to get users to execute malware on their systems. * This campaign includes a set of malware distribution campaigns that started in late 2018 and have targeted

October 4, 2021 14:10

Threat hunting in large datasets by clustering security events

By Tiago Pereira. * Security tools can produce very large amounts of data that even the most sophisticated organizations may struggle to manage. * Big data processing tools, such as spark, can be a powerful tool in the arsenal of security teams. * This post walks through thr