Security

4 min read

Cyberattacks are ever evolving to circumvent and evade “protection-only” technologies. Despite your best efforts to protect against compromise, a persistent attacker will eventually breach your defenses and get inside. Then what? IT security teams need to automatically detect a threat when it gets in. They need to know where it came from, how it entered, […]

1 min read

This blog post was authored by Ben Baker, Edmund Brumaghin, Mariano Graziano, and Jonas Zaddach Executive Summary Floki Bot is a new malware variant that has recently been offered for sale on various darknet markets. It is based on the same codebase that was used by the infamous Zeus trojan, the source code of which […]

3 min read

Digital signatures are used to verify the authenticity of a message. For example, when a message is signed, the verifier can rest assured that only the signer could have signed it. ECDSA and DSA are two widely used, standardized digital signature schemes. In order to sign a message, internally both of them require the use […]

2 min read

As I blogged in July of this year, Cisco supports protecting and enabling the international flow of personal data that furthers a progressive economy. To that end, we received official word that we are loud, proud, and on the list for the Privacy Shield – the voluntary, self-certification framework for EU-US data transfer. Why is […]

2 min read

In our highly connected business environments, the need to respond to the inevitable security breach is on the minds of every CISO.  An increasing number of organizations rely on the services of a Managed Detection and Response (MDR) provider.  According to the Cisco 2016 Annual Security Report, 42 percent of surveyed companies outsourced incident response, […]

1 min read

Project FIRST is lead by Angel M. Villegas. This post is authored by Holger Unterbrink. Talos is pleased to announce the release of the Function Identification and Recovery Signature Tool (FIRST). It is an open-source framework that allows sharing of knowledge about similar functions used across file types that IDA Pro can analyze. The aim […]

5 min read

Effective security is simple, open, and automated.  In the last blog, I described several efforts by Cisco to pursue simplicity.  Now let’s talk about how we are executing on the open part. Openness is about playing well with others. As a kid I heard it from my parents, and now I find myself saying it […]

1 min read

This post authored by Nick Biasini and Edmund Brumaghin with contributions from Sean Baird and Andrew Windsor. Executive Summary Talos is continuously analyzing email based malware always looking at how adversaries change and the new techniques that are being added on an almost constant basis. Recently we noticed some novel ways that adversaries are leveraging […]

1 min read

Responsible disclosure of vulnerabilities is a key aspect of security research. Often, the difficulty in responsible disclosure is balancing competing interests - assisting a vendor with patching their...