Security

1 min read

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between July 28 and August 04. As with previous round-ups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavior characteristics, indicators of compromise, and how our customers are automatically […]

1 min read

Vulnerabilities discovered by Aleksandar Nikolic and Tyler Bohan of Cisco Talos. Today, Talos is disclosing multiple vulnerabilities that have been identified in the Kakadu JPEG 2000 SDK. The vulnerabilities manifest in a way that could be exploited if a user opens a specifically crafted JPEG 2000 file. Talos has coordinated with Kakadu to ensure relevant […]

1 min read

This post is authored by Matthew Molyett. Executive Summary In March, Talos reported on the details of Crypt0l0cker based on an extensive analysis I carried out on the sample binaries. Binaries — plural — because, as noted in the original blog, the Crypt0l0cker payload leveraged numerous executable files which shared the same codebase. Those executables had nearly identical […]

3 min read

If you’ve been to a security conference in the last year you’ve probably seen more than 20 different vendors all talking about endpoint security. Some might be talking about next generation anti-virus, endpoint detection and response, and even the much lauded machine learning. How do you cut through the clutter and noise to find what […]

2 min read

IoT and IoT-related threats are very real. A massive compromise of IoT devices can severely disrupt not only organizations, but also the Internet itself. Fortunately, we are still in the early days of the IoT, which means there’s still time for defenders to do their part to help secure it.

1 min read

Discovered by Piotr Bania of Cisco Talos Today, Talos is releasing details of a new vulnerability discovered within the EZB Systems UltraISO ISO disk image creator software. TALOS-2017-0342 (CVE-2017-2840) may allow an attacker to execute arbitrary code remotely on the vulnerable system when a specially crafted ISO image is opened and parsed by the UltraISO […]

3 min read

Does this sound like a day in your IT security life? Wake up, get coffee, drive to work, and battle an almost constant onslaught of attacks, while playing whack-a-mole with too many alerts. If so, we get it. You never know where the next attack will come from. And you’re probably on to the fact […]

4 min read

Cisco Cloud Based Security in the SOC Black Hat USA marked its 20th anniversary this year. The members of the NOC management showed me photos of the original NOC: a single router in a closet. The NOC has grown with the conference; into a well-managed team of experts from around the globe, from various vendors […]

3 min read

Once adversaries have found a method for breaching network defenses, stealing data, or otherwise generating revenue, they’ll continue to refine these tactics to avoid detection and improve effectiveness. Ransomware, one of the more high-profile tools leveraged by adversaries, has undergone this same evolution, as we explain in the Cisco 2017 Midyear Cybersecurity Report. Delivery, obfuscation, […]