Cisco Talos Intelligence Blog

July 12, 2022 13:07

Microsoft Patch Tuesday for July 2022 — Snort rules and prominent vulnerabilities

Microsoft released its monthly security update Tuesday, disclosing more than 80 vulnerabilities in the company’s various software, hardware and firmware offerings, including one that’s actively being exploited in the wild. July's security update features three critical vulnerabi

March 17, 2022 07:03

From BlackMatter to BlackCat: Analyzing two attacks from one affiliate

* BlackCat is a recent and growing ransomware-as-a-service (RaaS) group that targeted several organizations worldwide over the past few months.
* There are rumors of a relationship between BlackCat and the BlackMatter/DarkSide ransomware groups, infamous for attacking the Colo

December 2, 2021 07:12

Magnat campaigns use malvertising to deliver information stealer, backdoor and malicious Chrome extension

By Tiago Pereira.

* Talos recently observed a malicious campaign offering fake installers of popular software as bait to get users to execute malware on their systems.
* This campaign includes a set of malware distribution campaigns that started in late 2018 and have targeted

October 4, 2021 14:10

Threat hunting in large datasets by clustering security events

By Tiago Pereira.

* Security tools can produce very large amounts of data that even the most sophisticated organizations may struggle to manage.
* Big data processing tools, such as Spark, can be a powerful tool in the arsenal of security teams.
* This post walks through thr