Cisco Talos Blog

October 11, 2018 09:06

GPlayed Trojan - .Net playing with Google Market

This blog post is authored byVitor Ventura. Introduction In a world where everything is always connected, and mobile devices are involved in individuals' day-to-day lives more and more often, malicious actors are seeing increased opportunities to attack these devices. Cisco Ta

June 19, 2018 11:25

Vulnerability Spotlight: Multiple Remote Vulnerabilities In Insteon Hub PubNub

Vulnerabilities discovered by Claudio Bozzato of Cisco Talos Talos is disclosing twelve new vulnerabilities in Insteon Hub, ranging from remote code execution, to denial of service. The majority of the vulnerabilities have their root cause in the unsafe usage of the strcpy() fun

May 8, 2018 16:31

Wipers - Destruction as a means to an end

In a digital era when everything and everyone is connected, malicious actors have the perfect space to perform their activities. During the past few years, organizations have suffered several kinds of attacks that arrived in many shapes and forms. But none have been more impactfu

January 22, 2018 12:29

SamSam - The Evolution Continues Netting Over $325,000 in 4 Weeks

This post was written by Vitor Ventura Introduction Talos has been working in conjunction with Cisco IR Services on what we believe to be a new variant of the SamSam ransomware. This ransomware has been observed across multiple industries including Government, Healthcare and

October 22, 2017 12:22

“Cyber Conflict” Decoy Document Used In Real Cyber Conflict

Update 10/23: CCDCOE released a statement today on their website Introduction Cisco Talos discovered a new malicious campaign from the well known actor Group 74 (aka Tsar Team, Sofacy, APT28, Fancy Bear…). Ironically the decoy document is a deceptive flyer relating to the Cyb