How adversaries use politics for compromise
By Nick Biasini and Edmund Brumaghin. Executive Summary With the U.S. presidential primaries just around the corner, even malware authors can't help but get behind the frenzy. Cisco Talos recently discovered several malware distribution campaigns where the adversaries were uti
C2 With It All: From Ransomware To Carding
By Warren Mercer, Paul Rascagneres and Vitor Ventura. Summary Cisco Talos recently discovered a new server hosting a large stockpile of malicious files. Our analysis of these files shows that these attackers were able to obtain a deep level of access to victims' infrastructure
What you — and your company — should know about cyber insurance
By Jon Munshaw and Joe Marshall. It’s no longer a question of “if” any given company or organization is going to be hit with a cyber attack — it’s when. And when that attack comes, who is willing to take on that risk? For some groups, it may be that they feel they are fully pre
Should governments pay extortion payments after a ransomware attack?
"The risk must be judged to see if the cost is worth the attempt to get that data back or if these resources can do it within a reasonable timeframe. There are no guarantees in either direction."
The sights and sounds from the Talos Threat Research Summit
Cyber Security Week in Review (March 28)
Ransomware or Wiper? LockerGoga Straddles the Line
Executive Summary Ransomware attacks have been in the news with increased frequency over the past few years. This type of malware can be extremely disruptive and even cause operational impacts in critical systems that may be infected. LockerGoga is yet another example of this sor
Files Cannot Be Decrypted? Challenge Accepted. Talos Releases ThanatosDecryptor
This blog post was authored by Edmund Brumaghin, Earl Carter and Andrew Williams. Executive summary Cisco Talos has analyzed Thanatos, a ransomware variant that is being distributed via multiple malware campaigns that have been conducted over the past few months. As a result of
Gandcrab Ransomware Walks its Way onto Compromised Sites
This blog post authored by Nick Biasini with contributions from Nick Lister and Christopher Marczewski. Despite the recent decline in the prevalence of ransomware in the threat landscape, Cisco Talos has been monitoring the now widely distributed ransomware called Gandcrab. Gand