Cisco Talos Intelligence Blog

January 26, 2023 04:01

Quarterly Report: Incident Response Trends in Q4 2022

Syncro, a remote management and monitoring tool, emerges as an increasingly common tool for adversaries. By Caitlin Huey. Ransomware continued to be a top threat Cisco Talos Incident Response (Talos IR) responded to this quarter, with appearances from both previously seen and n

August 28, 2019 10:08

RAT Ratatouille: Backdooring PCs with leaked RATs

Executive summary Orcus RAT and RevengeRAT are two of the most popular remote access trojans (RATs) in use across the threat landscape. Since its emergence in 2016, various adversaries used RevengeRAT to attack organizations and individuals around the world. The source code asso

July 1, 2019 11:07

RATs and stealers rush through “Heaven’s Gate” with new loader

By Holger Unterbrink and Edmund Brumaghin. Executive summary Malware is constantly finding new ways to avoid detection. This doesn't mean that some will never be detected, but it does allow adversaries to increase the period of time between initial release and detection. Flyin