FIN7 Group Uses JavaScript and Stealer DLL Variant in New Attacks
This post was authored by Michael Gorelik and Josh Reynolds Executive Summary Throughout this blog post we will be detailing a newly discovered RTF document family that is being leveraged by the FIN7 group (also known as the Carbanak gang) which is a financially-motivated grou
Threat Round-up for July 14 - July 21
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between July 14 and July 21. As with previous round-ups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting
Threat Round-up for May 19 - May 26
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between May 19 and May 26. As with previous round-ups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting ke
Reversing Multilayer .NET Malware
This post was authored by Dave McDaniel with contributions from Jaeson Schultz. Recently, we came across a malware sample that has been traversing the Internet disguised as an image of a woman. The malware sample uses several layers of obfuscation to hide its payload, including
Threat Spotlight: Group 72, Opening the ZxShell
This post was authored by Andrea Allievi, Douglas Goddard, Shaun Hurley, and Alain Zidouemba. Recently, there was a blog post on the takedown of a botnet used by threat actor group known as Group 72 and their involvement in Operation SMN. This group is sophisticated, well funde
Threat Spotlight: Group 72
This post is co-authored by Joel Esler, Martin Lee and Craig Williams. Everyone has certain characteristics that can be recognised. This may be a way of walking, an accent, a turn of phrase or a style of dressing. If you know what to look for you can easily spot a friend or acqua