Threat Source newsletter (July 18, 2019)

Newsletter compiled by Jonathan Munshaw.

Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week.

A group we’re calling “SWEED” may be behind years of Agent Tesla attacks. This week, we uncovered everything we know about this actor, ran down their TTPs, and discussed how users can stay safe.

If you didn’t get enough of the ransomware debate last week, we have even more talk of extortion payments on the latest Beers with Talos episode, too.

We also have our weekly Threat Roundup, which you can find on the blog every Friday afternoon. There, we go over the most prominent threats we’ve seen (and blocked) over the past week. Due to the Fourth of July holiday in the U.S., expect our blog and social media to be fairly quiet over the next few days.

Upcoming public engagements with Talos


Event: "DNS on Fire" at Black Hat USA
Location: Mandalay Bay, Las Vegas, Nevada
Date: Aug. 7
Speaker: Warren Mercer
Synopsis: In this talk, Warren will go over two recent malicious threat actors targeting the DNS protocol, along with the methodology used to target victims, timeline, and technical details. The first is a piece of malware, "DNSpionage," targeting government agencies in the Middle East and an airline. The second actor, more advanced and aggressive than the previous o ..
