Cisco Talos Intelligence Blog

January 19, 2023 08:01

Following the LNK metadata trail

While tracking some prevalent commodity malware threat actors, Talos observed the popularization of malicious LNK files as their initial access method to download and execute payloads. A closer look at the LNK files illustrates how their metadata could be used to identify and track new campaigns.

November 8, 2018 12:11

Metamorfo Banking Trojan Keeps Its Sights on Brazil

This blog post was authored by Edmund Brumaghin, Warren Mercer, Paul Rascagneres, and Vitor Ventura. Executive Summary Financially motivated cybercriminals have used banking trojans for years to steal sensitive financial information from victims. They are often created to gath