Threat Roundup for March 5 to March 12

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between March 5 and March 12. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how our customers are automatically protected from these threats.

As a reminder, the information provided for the following threats in this post is non-exhaustive and current as of the date of publication. Additionally, please keep in mind that IOC searching is only one part of threat hunting. Spotting a single IOC does not necessarily indicate maliciousness. Detection and coverage for the following threats is subject to updates, pending additional threat or vulnerability analysis. For the most current information, please refer to your Firepower Management Center,, or

Read More


20210312-tru.json – this is a JSON file that includes the IOCs referenced in this post, as well as all hashes associated with the cluster. The list is limited to 25 hashes in this blog post. As always, please remember that all IOCs contained in this document are indicators, and that one single IOC does not indicate maliciousness. See the Read More link above for more details.


Next Post

Contemplating the Coffee Supply Chain: A Horror Story

Fri Mar 12 , 2021
On the bean-to-cup journey, dangers await around every corner. Here, well-caffeinated security experts warn the coffee industry about the threats. (Image: Okea via Adobe Stock) A supply chain is only as strong as its weakest link. That we know. “But what gets less consideration is that each step in the […]