7 matches found
Why are there so many malware-as-a-service offerings?
Whether known as commodity malware or "as-a-service," threat actors have long been turning to their fellow adversaries in the hopes of selling off their tools and opening a new stream of revenue. When used legitimately, as-a-service software is when a third-party company offers its software to...
Bluebottle Group Continues Attacks on Banks in Francophone Africa
Summary: Bluebottle is a cybercrime group that has been targeting banks in French-speaking countries in Africa. The group uses a variety of tactics, including living off the land, dual-use tools, and commodity...
Quarterly Report: Incident Response Trends in Q2 2022
Commodity malware usage surpasses ransomware by narrow margin. By Caitlin Huey. For the first time in more than a year, ransomware was not the top threat Cisco Talos Incident Response (CTIR) responded to this quarter, as commodity malware surpassed ransomware by a narrow margin. This is likely due t...
The dynamic duo: How to build a red and blue team to strengthen your cybersecurity, Part 1
The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the first post of our new Voice of the Community blog series, Microsoft Product Marketing Manager Natalia Godyla talks with Jake Williams, Founder of...
Carbon Black Threat Analysis Unit (TAU) Uncovers Significant Evolution of Popular Cryptomining Campaign Affecting More than 500,000 Computers
Carbon Black’s CB Threat Analysis Unit (TAU) has uncovered a secondary component in a well-known cryptomining campaign. The malware has been enhanced to also steal system access information for possible sale on the dark web. Combined together, this attack is being classified as “Access Mining.” Thi...
PowerShell Obfuscation Ups the Ante on Antivirus
A new malware sample using a rare obfuscation technique has been spotted that uses the features of PowerShell, a tool that comes built in to Microsoft Windows. Analysis from Cylance shows that the tactic succeeds in bypassing most antivirus products. Cylance researchers stumbled across a malware...