Ransom Where? Malicious Cryptocurrency Miners Takeover, Generating Millions
This post was authored by Nick Biasini, Edmund Brumaghin, Warren Mercer and Josh Reynolds with contributions from Azim Khodijbaev and David Liebenberg. Executive Summary The threat landscape is constantly changing; over the last few years malware threat vectors, methods and pay
2017 in Snort Rules
This post was written by Martin Lee and Vanja Svajcer. 2017 was an eventful year for cyber security with high profile vulnerabilities that allowed self-replicating worm attacks such as WannaCry and BadRabbit to impact organizations throughout the world. In 2017, Talos researcher
Beers with Talos EP 21: How to Hire the Best, Attribution Without Apaches is Useless
Beers with Talos (BWT) Podcast Episode 21 is now available. Download this episode and subscribe to Beers with Talos: If iTunes and Google Play aren't your thing: www.talosintelligence.com/podcast EP21 Show Notes: It is a packed episode this time! We are joined by Edmun
Vulnerability Spotlight: Walt Disney Per-Face Texture Mapping faceInfoSize Code Execution Vulnerability
This vulnerability was discovered by Tyler Bohan of Cisco Talos. Executive Summary Walt Disney PTEX is an open source software application maintained by Walt Disney Animation Studios. It is designed for use in post-production rendering. It allows for the storage of thousands of
SamSam - The Evolution Continues Netting Over $325,000 in 4 Weeks
This post was written by Vitor Ventura Introduction Talos has been working in conjunction with Cisco IR Services on what we believe to be a new variant of the SamSam ransomware. This ransomware has been observed across multiple industries including Government, Healthcare and
The Many Tentacles of the Necurs Botnet
This post was written by Jaeson Schultz. Introduction Over the past five years the Necurs botnet has established itself as the largest purveyor of spam worldwide. Necurs is responsible for emailing massive amounts of banking malware, ransomware, dating spam, pump-n-dump stock s
Beers with Talos EP20: Crypto, Vuln Disco, and the Spectre Meltdown
Beers with Talos (BWT) Podcast Episode 20 is now available. Download this episode and subscribe to Beers with Talos: If iTunes and Google Play aren't your thing: www.talosintelligence.com/podcast EP20 Show Notes: This is easily our best podcast of 2018 (so far). The cr
Vulnerability Spotlight: Tinysvcmdns Multi-label DNS DoS Vulnerability
Overview Talos is disclosing a single NULL pointer dereference vulnerability in the tinysvcmdns library. Tinysvcmdns is a tiny MDNS responder implementation for publishing services. This is essentially a mini and embedded version of Avahi or Bonjour. Details Discovered by Cla
Korea In The Crosshairs
This blog post is authored by Warren Mercer and Paul Rascagneres and with contributions from Jungsoo An. A one year review of campaigns performed by an actor with multiple campaigns mainly linked to South Korean targets. Executive Summary This article exposes the malicious