Showing posts with label Malware Analysis.

Tuesday, 20 February 2024

Agniane Stealer: Information stealer targeting cryptocurrency users

The Agniane Stealer is an information-stealing malware mainly targeting the cryptocurrency wallets of its victims. It gained popularity on the internet starting in August 2023. Recently, we have observed a distinct campaign spreading it across our telemetry. Our recent study has led to the successful identification and detailed...

Thursday, 9 April 2020

Buyers Beware: Scamming Is Rife, Especially In a Time of Crisis

For years, scammers have been using a combination of Blackhat SEO techniques, phishing sites and newsworthy events to either trick individuals into giving up personal information, including credit card numbers, or to install malware, or both. Preying on an individual’s fears has always been a go-to tactic...

Tuesday, 11 February 2020

What’s New in Security and Compliance for Webex

Three New Security Features in Control Hub: Security and compliance are top of mind for large customers when deploying collaboration solutions. In today’s modern and digital workplaces, collaboration spans organizational and functional boundaries and employees inevitably share sensitive data and intellectual property. Hence, building and maintaining trust with...

Thursday, 16 January 2020

Disk Image Deception

Cisco’s Computer Security Incident Response Team (CSIRT) detected a large and ongoing malspam campaign leveraging the .IMG file extension to bypass automated malware analysis tools and infect machines with a variety of Remote Access Trojans. During our investigation, we observed multiple tactics, techniques, and procedures (TTPs) that defenders...

Friday, 6 April 2018

IcedID Banking Trojan teams up with Rovnix for distribution

In November 2017, security researchers reported a new banking Trojan known as “IcedID”. At the time of discovery, IcedID was being distributed by Emotet. In late February and throughout March 2018, Cisco noticed an increase in IcedID infections being detected throughout the AMP ecosystem. Like in November 2017,...

Wednesday, 7 February 2018

Secure by Design: Enhanced Interfaces Improve Email Security and Malware Analysis

In the infosec world, it’s well established that time is a precious commodity. Time to detection and time to resolution are critical concepts that can mean the difference between a minor incident and making the news. In order to be effective, security teams need to be able to...

Monday, 18 December 2017

Malware stealing gigabytes of your data as seen by Cognitive Threat Analytics

Overview: Recently, about 50 users across 20 companies were alerted by Cisco Cognitive Threat Analytics (CTA) to malware that exfiltrates gigabytes of data from their computers. An example of such a CTA detection: ...

Monday, 11 December 2017

Cognitive Research: Learning Detectors of Malicious Network Traffic

Malware is constantly evolving and changing. One way to identify malware is by analyzing the communication that the malware performs on the network. Using machine learning, these traffic patterns can be utilized to identify malicious software. Machine learning faces two obstacles: obtaining a sufficient training set of malicious...