Collection: Latest insights and cybersecurity resources

Threat Advisory: Obfuscation and process hollowing with GOO and XWorm

Andrew Papastefanou

This threat advisory provides a detailed breakdown of a recent XWorm malware attack, revealing how attackers leveraged phishing emails, fileless execution, and process hollowing to infiltrate a target environment. By analysing the multi-stage attack chain, security professionals gain insights into obfuscation techniques, persistence mechanisms, and credential theft strategies used by adversaries.

The attack occurred just before Christmas, highlighting the increased risk of cyber threats during holidays when security teams may be understaffed. This real-world case study demonstrates how Managed Detection and Response (MDR) teams detected and mitigated the attack, offering practical takeaways for improving threat detection and response.

By reading this advisory, cybersecurity professionals can stay informed about emerging threats, learn how attacks unfold and enhance their defensive strategies. With insights from real incident response efforts, security teams can fine-tune detection rules, strengthen phishing defences and increase vigilance during high-risk periods.

CREST SOC accreditation: What it means for our customers

Andrew Papastefanou

At Talanos Cybersecurity, safeguarding your digital assets is personal to us. Our CREST SOC Accreditation reflects our dedication to delivering top-tier 24/7 cybersecurity services. Trust us to protect your business with cutting-edge tools, expert staff and industry-recognised processes, without compromise.

Securing the Law Firm

Chris White
Chris White, legal CIO, answers important questions regarding cyber threats faced by law firms.
An appeal for cyber incident and near miss stories

Andrew Papastefanou
NCSC's "Defend as One" initiative depends wholly on its contributors, and the more that people share, the more others will come forward and share. Members can only benefit from the growth of the community. The initiative is proving that sensitive information can be transformed into valuable insights, shared anonymously to bridge the gap between entities and between the public and private sectors.
Defending law firms - A case for pre-attack intelligence in the legal sector

Andrew Papastefanou
The Talanos Dark and Deep Web Intelligence service is offered both as a single point-in-time risk assessment report and as an ongoing detection and response capability, without limitations on the number of domains, public-facing IP addresses and VIP accounts monitored.
Don't just defend - go after attacker infrastructure

Andrew Papastefanou

Talanos truly believe that defenders who care about cybersecurity should put in the effort to close down attacker infrastructure they discover. We don’t do it for our customers, for money or for recognition - we do it because we actually care about the communities we live in and it’s the right thing to do. This post will explain the takedown process, how to research targets and escalate to be successful.
