Clik here to view.
Finding the RAT’s Nest
We’ve spotted a Remote Access Trojan(RAT) and are headed down into the unknown. In this blog post we’re going to examine some malicious infrastructure that we’ve found by pivoting through domains...
View ArticleClik here to view.
Chasing the Storm
In this blog, we’ll discuss new tactics used in Hailstorm campaigns. These new tactics include infecting systems with a trojan for sending out spam, and leveraging a single system for hosting a large...
View ArticleClik here to view.
‘Seamless’ Campaign Delivers Ramnit via Rig EK
The Cisco Umbrella Team has been tracking an Exploit Kit campaign that we refer to as ‘Seamless’ due to its inclusion of the now deprecated seamless iframe attribute. This campaign has been discussed...
View ArticleClik here to view.
Behind the Modern Botnet
Earlier this month, I was fortunate enough to be able to speak at the very first BSides Amsterdam. I shared some insight on botnets and the malicious infrastructure behind them, seen from analyzing DNS...
View ArticleClik here to view.
Introducing @PhishTank_Bot
Out of the Net, into the Tank PhishTank started in 2006 with the idea to help make the Internet a better place by sharing free phishing data with the help of our online community. Over 5.3 million...
View ArticleClik here to view.
Belated Christmas Greetings from Emotet
Emotet is a trojan that steals financial information, AKA, “Banking Malware”. Trojans give cybercriminals a backdoor to systems, making it possible to spy on confidential information like banking...
View ArticleClik here to view.
Won’t You Be My Neighbor?
A common metaphor for the Internet is that it’s divided into neighborhoods. If your website is hosted on an IP address and using nameservers that allow or encourage criminal activity, then you’re in a...
View ArticleClik here to view.
You Know, for Science
In December 2016, Cisco Umbrella released a new security category called “Newly Seen Domains”. This category identifies domains that have been queried for the first time by customers of Cisco...
View ArticleClik here to view.
The Coin Rush
Malicious cryptocurrency miners have been the latest ‘trend’ with cybercriminals. This is malicious software that gets installed onto a victim’s system that is able to use it’s processing power to mine...
View ArticleClik here to view.
Today’s Catch: Phishing Roundup – Part 1
In this blog post we’re going to cover several aspects of phishing trends that we’ve seen over the past three months. Phishers are always out for your personal information and are using clever ways to...
View Article
