10 matches found
A (somewhat) complete timeline of Talos’ history
A lot has happened in Talos 10 years of existence. And to celebrate our birthday, we wanted to look back on some of the major moments in Talos history. Heres an overview of some of the major events, cyber attacks, research breakthroughs and more that truly make Talos Talos. We hope this walk down...
Beers with Talos EP23 - Eternal Fauxmance: Attribution Easter Eggs
Beers with Talos BWT Podcast Episode 23 is now available. Download this episode and subscribe to Beers with Talos: If iTunes and Google Play aren't your thing: www.talosintelligence.com/podcast EP23 Show Notes: Recorded 2/16/18 - This week, Mitch learns about starting a show without Matt with no...
2017 in Snort Signatures.
This post was written by Martin Lee and Vanja Svajcer. 2017 was an eventful year for cyber security with high profile vulnerabilities that allowed self-replicating worm attacks such as WannaCry and BadRabbit to impact organizations throughout the world. In 2017, Talos researchers discovered many...
Beers with Talos EP 16: Strong Copy - Bad Rabbit and the Nyetya Connection
Beers with Talos BWT Podcast Episode 16 is now available. Download this episode and subscribe to Beers with Talos:img border="0" data-original-height="45" data-original-width="160" src="https://2.bp.blogspot.com/-E-RSSZ9jbUY/WaWCkLGZnZI/AAAAAAAAAJE/Ciiz-Si...
Threat Spotlight: Follow the Bad Rabbit
Note: This blog post discusses active research by Talos into a new threat. This information should be considered preliminary and will be updated as research continues.Update 2017-10-26 16:10 EDT: added additional information regarding the links between Nyetya and BadRabbitUpdate 2017-10-26 09:20...
Back to Basics: Worm Defense in the Ransomware Age
This post was authored by Edmund Brumaghin "Those who cannot remember the past are condemned to repeat it." - George SantayanaThe PrequelIn March 2017, Microsoft released a security update for various versions of Windows, which addressed a remote code execution vulnerability affecting a protocol...
On Conveying Doubt
This post was authored by Matt Olney.Typically, Talos has the luxury of time when conducting research. We can carefully draft a report that clearly lays out the evidence and leads the reader to a clear understanding of our well supported findings. A great deal of time is spent ensuring that the...
The MeDoc Connection
This Post Authored by David Maynor, Aleksandar Nikolic, Matt Olney, and Yves YounanSummaryThe Nyetya attack was a destructive ransomware variant that affected many organizations inside of Ukraine and multinational corporations with operations in Ukraine. In cooperation with Cisco Advanced Service...
From BlackEnergy to ExPetr
Much has been written about the recent ExPetr/NotPetya/Nyetya/Petya outbreak - you can read our findings here:Schroedinger's Petya and ExPetr is a wiper, not ransomware. As in the case of Wannacry, attribution is very difficult and finding links with previously known malware is challenging. In th...
New Ransomware Variant "Nyetya" Compromises Systems Worldwide
Note: This blog post discusses active research by Talos into a new threat. This information should be considered preliminary and will be updated as research continues.Update 2017-07-06 12:30 EDT: Updated to explain the modified DoublePulsar backdoor.Since the SamSam attacks that targeted US...