Cisco Talos Intelligence Blog

September 15, 2022 09:09

Gamaredon APT targets Ukrainian government agencies in new campaign

Cisco Talos discovered Gamaredon APT activity targeting users in Ukraine with malicious LNK files distributed in RAR archives.

August 18, 2022 08:08

Ukraine war spotlights agriculture sector's vulnerability to cyber attack

The war in Ukraine has caused massive problems for global food supplies, underscoring the high impact of disruptive events to agriculture entities and related organizations. * The challenges to the Ukrainian agriculture sector imposed by the war--and global ripple effects--have

July 21, 2022 08:07

Attackers target Ukraine using GoMet backdoor

Executive summary Since the Russian invasion of Ukraine began, Ukrainians have been under a nearly constant barrage of cyber attacks. Working jointly with Ukrainian organizations, Cisco Talos has discovered a fairly uncommon piece of malware targeting Ukraine — this time aimed a

March 15, 2022 12:03

Threat Advisory: CaddyWiper

This post is also available in: 日本語 (Japanese) Українська (Ukrainian) Overview Cybersecurity company ESET disclosed another Ukraine-focused wiper dubbed "CaddyWiper" on March 14. This wiper is relatively smaller than previous wiper attacks we've seen in Ukraine such as "Herm

March 10, 2022 14:03

Talos Threat Source newsletter (March 10, 2022) — Fake social media posts spread in wake of Ukraine invasion

Welcome to this week’s edition of the Threat Source newsletter — complete with a new format and feel. First off, it goes without saying, but we’re all heartbroken by the crisis happening in Ukraine. Our hearts are with the people of Ukraine, our employees and their families, as

March 9, 2022 14:03

Threat advisory: Cybercriminals compromise users with malware disguised as pro-Ukraine cyber tools

This post is also available in: Українська (Ukrainian) Update March 17, 2022: Cisco Talos has updated the IOC section with additional hashes and ClamAV coverage. Executive summary * Opportunistic cybercriminals are attempting to exploit Ukrainian sympathizers by offering ma

March 3, 2022 15:03

Cisco stands on guard with our customers in Ukraine

This post is also available in: Українська (Ukrainian) * As the Russia-led invasion intensifies, Ukraine is being attacked by bombs and bytes. Cisco is working around the clock on a global, company-wide effort to protect our customers there and ensure that nothing goes dark.

March 3, 2022 15:03

Current executive guidance for ongoing cyberattacks in Ukraine

This post is also available in: 日本語 (Japanese) Українська (Ukrainian) Cyber threat activity against Ukraine, and around the world, has long been a central focus of our work. We continue to monitor the Ukraine-Russia situation by enacting a comprehensive, Talos-wide effort to p

February 24, 2022 17:02

Talos on the developing situation in Ukraine

This post is also available in: 日本語 (Japanese) Українська (Ukrainian) In the last month, Talos has seen a shift in activity in response to the unjust invasion of Ukraine. This post is meant to serve as our executive overview of the situation and provide you with the most up-to