Transparent Tribe campaign uses new bespoke malware to target Indian government officialsMarch 29, 2022 08:03
* Cisco Talos has observed a new Transparent Tribe campaign targeting Indian government and military entities. While the actors are infecting victims with CrimsonRAT, their well-known malware of choice, they are also using new stagers and implants. * This campaign, which has been ongoing since at least June 2021, uses fake domains
Arid Viper APT targets Palestine with new wave of politically themed phishing attacks, malwareFebruary 2, 2022 08:02
Cisco Talos has observed a new wave of Delphi malware called Micropsia developed and operated by the Arid Viper APT group since 2017. * This campaign targets Palestinian entities and activists using politically themed lures. * The latest iteration of the implant contains multiple RAT and information-gathering capabilities. Executive summary Cisco Talos
Nanocore, Netwire and AsyncRAT spreading campaign uses public cloud infrastructureJanuary 12, 2022 08:01
* Cisco Talos discovered a malicious campaign in October 2021 delivering variants of Nanocore, Netwire and AsyncRATs targeting user's information. * According to Cisco Secure product telemetry, the victims of this campaign are primarily distributed across the United States, Italy and Singapore. * The actor used complex obfuscation techniques in the downloader script.