Nation State Campaign Targets Talos Researchers

Google's Threat Analysis Group published a blog Monday evening warning of an ongoing campaign attempting to compromise security researchers. Google TAG's blog outlines the attacker's motivations and various TTPs used in these attacks.

We can confirm that multiple Cisco Talos researchers received messages that appear to be linked to this campaign. As you can see below, our researchers did not engage to the point where the malicious files were provided. As security researchers, it is important that we follow our own best practices, keeping samples and information tightly contained and isolated as much as possible.

This is not the first time Cisco and/or Talos has been targeted or used as a lure in this kind of campaign. Talos published research in 2019 detailing a campaign where fake Cisco job postings were used as a lure to point victims toward malicious web pages.

One of our researchers was contacted on Jan. 11 with the same lure as those already shared by Google and others. It is worth noting that the first thing the attacker inquired about was if the target was involved in vulnerability research.

While the target affirmed that they were not involved in vulnerability research, the attacker continued their attempt to compromise them.


We have observed a ..