Security

1 min read

Project FIRST is lead by Angel M. Villegas. This post is authored by Holger Unterbrink. Talos is pleased to announce the release of the Function Identification and Recovery Signature Tool (FIRST). It is an open-source framework that allows sharing of knowledge about similar functions used across file types that IDA Pro can analyze. The aim […]

5 min read

Effective security is simple, open, and automated.  In the last blog, I described several efforts by Cisco to pursue simplicity.  Now let’s talk about how we are executing on the open part. Openness is about playing well with others. As a kid I heard it from my parents, and now I find myself saying it […]

1 min read

This post authored by Nick Biasini and Edmund Brumaghin with contributions from Sean Baird and Andrew Windsor. Executive Summary Talos is continuously analyzing email based malware always looking at how adversaries change and the new techniques that are being added on an almost constant basis. Recently we noticed some novel ways that adversaries are leveraging […]

1 min read

Responsible disclosure of vulnerabilities is a key aspect of security research. Often, the difficulty in responsible disclosure is balancing competing interests - assisting a vendor with patching their...

4 min read

October was National Cyber Security Awareness month and there’s been a lot of talk about how organizations should be doing more to protect their networks. One of the current trends in cyber security is that organizations are increasingly turning to trusted partners like Cisco for some or all of their incident response capability. As a […]

1 min read

This post authored by Nick Biasini Talos is constantly monitoring the threat landscape including the email threat landscape. Lately this landscape has been dominated with Locky distribution. During a recent Locky vacation Talos noticed an interesting shift in file types being used to distribute another well known malware family, Fareit. We’ve discussed Fareit before, it’s […]

3 min read

5 First Steps to Defending against IoT Driven DDoS Attacks In honor of October’s National Cybersecurity Awareness Month, users of Twitter, Netflix, Reddit and the New York Times were treated to a special treat – and just in time for Halloween. Unfortunately it was more of a trick as users of these and other major […]

4 min read

Today’s digital economy is growing at a phenomenal rate. All modes of commerce from entertainment to finance and retail have moved on-line. You name it; there is an on-line business...

1 min read

Overview Crash triaging can be a long and complicated process; by using proper tools and having an optimal approach, we can make this a bit easier and less time consuming. In this post we describe a triaging strategy and toolset based on two examples of vulnerability classes: Stack based buffer overflow Heap based buffer overflow […]