Cisco Talos Intelligence Blog

June 1, 2023 08:06

New Horabot campaign targets the Americas

Cisco Talos has observed a threat actor deploying a previously unidentified botnet program Talos is calling “Horabot,” which delivers a known banking trojan and spam tool onto victim machines in a campaign that has been ongoing since at least November 2020.

February 16, 2023 14:02

Threat Source newsletter (Feb. 16, 2023) — Recapping what we may have missed so far this year

Jon is back from parental leave and recapping the top security stories from late 2022 and early 2023 that totally blew by him.

February 14, 2023 08:02

New MortalKombat ransomware and Laplas Clipper malware threats deployed in financially motivated campaign

Since December 2022, Cisco Talos has been observing an unidentified actor deploying two relatively new threats, the recently discovered MortalKombat ransomware and a GO variant of the Laplas Clipper malware, to steal cryptocurrency from victims.

February 9, 2023 08:02

Beyond the basics: Implementing an active defense

An active defense posture, where the defenders actively use threat intelligence and their own telemetry to uncover potential compromises, is the next stage in the cyber security maturity road. Instead of waiting for detections to trigger, defenders can take initiative and hunt threat actors.

January 24, 2023 07:01

State Sponsored Attacks in 2023 and Beyond

As 2023 begins I wanted to look forward on the future of state sponsored aggression and how we can see it change and evolve over the next year and beyond.

December 14, 2022 08:12

Talos Year in Review 2022

We expect this data-driven story will shed some insight into Cisco’s and the security community’s most notable successes and remaining challenges. As these Year in Review reports continue in the future, we aim to help explain how the threat landscape changes from one year to the next.