9 matches found
BEACON: A Unified Behavioral-Tactical Framework for Explainable Cybercrime Analysis with Large Language Models
Cybercrime increasingly exploits human cognitive biases in addition to technical vulnerabilities, yet most existing analytical frameworks focus primarily on operational aspects and overlook psychological manipulation. This paper proposes BEACON, a unified dual-dimension framework that integrates...
Scattered Spider’s Strategic Hunt: Is Your Industry Next?
Running short on time but still want to stay in the know? Well, we’ve got you covered! We’ve condensed all the key takeaways into a handy audio summary. Our AI-driven podcasts are fit for on the go. Introduction In April 2025, a single phone call didn’t just ‘help crash’ Marks & Spencer’s...
Year in Review: AI based threats
2024 wasn't the year that AI rewrote the cybercrime playbook -- but it did turbocharge some of the old tricks. In Cisco Talos' 2024 Year in Review, with the help of our friends at Robust Intelligence now a Cisco company, we dissect how cybercriminals used generative AI to scale up social...
Bluebottle Cybercrime Group Preys on Financial Sector in French-Speaking African Nations
A cybercrime group dubbed Bluebottle has been linked to a set of targeted attacks against the financial sector in Francophone countries located in Africa from at least July 2022 to September 2022. "The group makes extensive use of living-off-the-land, dual use tools, and commodity malware, with n...
Labs quarterly report finds ransomware’s gone rampant against businesses
Ransomware's back—so much so that we created an entire report on it. For 10 quarters, we've covered cybercrime tactics and techniques, covering a wide range of threats we saw lodged against consumers and businesses through our product telemetry, honeypots, and threat intelligence. We've looked at...
Labs CTNT report shows shift in threat landscape to cryptomining
It's that time again! Time for the quarterly Malwarebytes Labs Cybercrime Tactics and Techniques report aka the Labs CTNT report. To get a more complete picture of what's been going on in cybercrime this quarter, the Labs team has combined intel and statistics gathered from January through March...
Expired domain names and malvertising
In Q1 and Q2 of 2017, we noticed a sharp decline in drive-by downloads coming from compromised websites. The campaigns of the past are either gone Pseudo Darkleech or have changed focus EITest using social engineering techniques. Malvertising - which has remained steady and is currently the main...
GozNym Banking Trojan Targeting German Banks
GozNym’s Euro trip rolls on. Fresh from targeting banks in Poland, the banking Trojan has reportedly begun taking aim at banks in Germany. For many, August marks the long, dog days of summer but developers behind GozNym appear to be working hard. According to numbers published by IBM’s X-Force te...
Why Watering Hole Attacks Work
Information security is littered with bad analogies. And none sounds sillier than a watering hole attack, which plays off the tactic that dominant animals use when stalking food by loitering at a watering hole. Rather than chase their prey, a lion will wait for prey to come to it. Hackers are doi...