Cisco Talos

Cyber security experts found an update of the Karkoff implant, used by APT34. It proves that group is still operating and that a new campaign is active. The malware is delivered through spear-phishing emails.

Cybercrime, SWEED is targeting precision engineering companies in Italy

Marco Ramilli, cyber security expert and Yoroi founder: The attacker, pretended to be a customer,…

Cybercrime, SWEED is targeting precision engineering companies in Italy

Marco Ramilli, cyber security expert and Yoroi founder: The attacker, pretended to be a customer, sent to victims an email containing Microsoft XLS file, without Macro but with hidden malware.

Cybercrime, Gustuff Android banking trojan is back with new features

Cisco Talos cyber security experts: The malware still attacks Australia and spreads via SMS. But…

Cybercrime, Gustuff Android banking trojan is back with new features

Cisco Talos cyber security experts: The malware still attacks Australia and spreads via SMS. But latest version no longer has hardcoded package names and added a “poor man scripting engine”.

Cybercrime increase the use of ODT files to distribute malware

Cisco Talos cyber security experts found there campaigns that leverage OpenDocument Text format. But could…

Cybercrime increase the use of ODT files to distribute malware

Cisco Talos cyber security experts found there campaigns that leverage OpenDocument Text format. But could be more in the future. Targets today are English and Arabic-speaking users.

Cybercrime: here it comes Divergent a new fileless malware

Cisco Talos cyber security experts: It uses the system registry to bypass anti-virus scanning, a…

Cybercrime: here it comes Divergent a new fileless malware

Cisco Talos cyber security experts: It uses the system registry to bypass anti-virus scanning, a registry key to maintain persistence and PowerShell to install.

Cybercrime is targeting Italy with a new version of JasperLoader

Cisco Talos cyber security experts: It features several changes and improvements to control where the…

Cybercrime is targeting Italy with a new version of JasperLoader

Cisco Talos cyber security experts: It features several changes and improvements to control where the malware can spread and avoid analysis by sandboxes and antivirus.

Qakbot (aka Qbot) malware is evolving with new obfuscation techniques

Cisco Talos Cyber Security experts: The banking trojan is utilizing an updated persistence mechanism that…

Qakbot (aka Qbot) malware is evolving with new obfuscation techniques

Cisco Talos Cyber Security experts: The banking trojan is utilizing an updated persistence mechanism that can make it harder for users to detect and remove it.

Is Iran’s APT34 behind the Sea Turtle cyber espionage campaign?

The cyber security experts: There are many similarities on TTPs, targets and purposes. The credential…

Is Iran’s APT34 behind the Sea Turtle cyber espionage campaign?

The cyber security experts: There are many similarities on TTPs, targets and purposes. The credential harvesting could be complementary to the WebMask project on DNS Hijack.

Sea Turtle campaign is harvesting credentials in Middle East and North Africa

Cisco Talos cyber security experts: At least 40 organizations across 13 different countries were compromised…

Sea Turtle campaign is harvesting credentials in Middle East and North Africa

Cisco Talos cyber security experts: At least 40 organizations across 13 different countries were compromised by a state-sponsored actor who exploits DNS hijacking.

Shopping, cybercrime attacks POS in stores with new malware

Web criminals, even inexperienced, exploit their weak cyber security. Cisco Talos discovers GlitchPOS, new malicious…

Shopping, cybercrime attacks POS in stores with new malware

Web criminals, even inexperienced, exploit their weak cyber security. Cisco Talos discovers GlitchPOS, new malicious code with video tutorial.