Cisco Talos Intelligence Blog

  • Blog
  • Podcasts
Cisco Systems, Inc.
Cisco Talos Blog
  • Software
  • Vulnerability Information
    • Vulnerability Information

    • Vulnerability Reports
    • Microsoft Advisories
  • Reputation Center
    • Reputation Center

    • IP & Domain Reputation
    • Talos File Reputation
    • Secure Endpoint Naming Conventions
    • Intelligence Categories
  • Library
  • Support
  • Incident Response
  • Blog
  • Podcasts
    • Podcasts

    • Beers with Talos
    • Talos Takes
  • Careers
  • About

Threat Source (May 2, 2019)

By Jonathan Munshaw

Thursday, May 2, 2019 14:05
Qakbot Threat Source newsletter
Share this post

Related Content

Following the LNK metadata trail

January 19, 2023 08:01

While tracking some prevalent commodity malware threat actors, Talos observed the popularization of malicious LNK files as their initial access method to download and execute payloads. A closer look at the LNK files illustrates how their metadata could be used to identify and track new campaigns.

HTML smugglers turn to SVG images

December 13, 2022 15:12

* HTML smuggling is a technique attackers use to hide an encoded malicious script within an HTML email attachment or webpage. * Once a victim receives the email and opens the attachment, their browser decodes and runs the script, which then assembles a malicious payload directly on the victim’s device. * Talos

What Talos Incident Response learned from a recent Qakbot attack hijacking old email threads

July 27, 2022 08:07

By Nate Pors and Terryn Valikodath. Executive summary * In a recent malspam campaign delivering the Qakbot banking trojan, Cisco Talos Incident Response (CTIR) observed the adversary using aggregated, old email threads from multiple organizations that we assess were likely harvested during the 2021 ProxyLogon-related compromises targeting vulnerable Microsoft Exchange servers.

  • Software
  • Reputation Center
  • Vulnerability Inforamtion
  • Microsoft Advisory Snort Rules
  • Incident Response
  • Secure Endpoint Naming Conventions
  • Talos File Reputation
  • Library
  • Support Communities
  • About
  • Careers
  • Talos Blog
  • Threat Source newsletters
  • Beers with Talos Podcast
  • Talos Takes Podcast
Connect with us
  • Follow us on Twitter
  • Watch our informational videos on YouTube
  • Connect with us on LinkedIn
Cisco Security

© Cisco Systems, Inc. and/or its affiliates. All rights reserved. View our Privacy Policy