Security

4 min read

As the days grow shorter and colder, I’m reminded that November is Critical Infrastructure Security and Resilience Month here in the US. According to the Department of Homeland Security, this observance “builds awareness and appreciation of the importance of critical infrastructure and reaffirms the nationwide commitment to keep our critical infrastructure and our communities safe […]

2 min read

According to Chuck Robbins, “At Cisco you, our customers, are our number one priority. We can only be successful if we’ve helped you be successful.” The customer experience has always been a top priority for Cisco. But over the last several quarters, Cisco Security has been hyper-focused on ensuring that our customers achieve consistent and […]

1 min read

Today, Microsoft has released their monthly set of security bulletins designed to address security vulnerabilities within their products. For a detailed explanation of each of the categories listed below, please go to https://technet.microsoft.com/en-us/security/gg309177.aspx. This month’s release is packed full of goodies, but you don’t want to wait to review them over Thanksgiving dinner as there […]

4 min read

Before You Take Off, Get Up To Speed on These Six Precursors to Incident Response It seems most advice on setting up a Security Operations Center (SOC), or creating a Computer Security Incident Response Team (CSIRT), focuses on people, technology or processes. Unfortunately, such advice may also include doing so at full speed, from the […]

1 min read

Executive Summary Talos is monitoring the big notorious Exploit Kits(EK) on an ongoing basis. Since Angler disappeared a few month ago, RIG is one EK which seems to be trying to fill the gap Angler has left. We see an ongoing development on RIG. This report gives more details about the complex infection process the […]

1 min read

Talos is releasing an advisory for a remote denial of service attack vulnerability in Microsoft Windows 10 AHCACHE.SYS. An attacker can craft a malicious portable executable file, which if accessed causes AHCACHE.SYS to attempt to access out of scope memory. This triggers a bugcheck in the Windows kernel causing the system to crash, denying service […]

4 min read

It’s been said before, but this bears repeating. On average, it takes organizations 100 days1 or more to detect a breach after it occurs. On average. This means attackers often have more than three months to examine an organization’s data and then steal what they want. Clearly, this is not effective. These attacks ultimately target […]

1 min read

This post was authored by Nick Biasini Over the last six months the exploit kit landscape has seen some major changes. These changes began with Nuclear ceasing operations in April/May and arrests in Russia coinciding with the end of Angler in June. Recently, Neutrino has been added to the list of exploit kits that have […]

3 min read

Back in April, I wrote a blog post about the new version of the Common Vulnerability Scoring System (CVSS). The changes made for CVSSv3 addressed some of the challenges that existed in CVSSv2. For example, CVSSv3 analyzes the scope of a vulnerability and identifies the privileges an attacker needs to exploit it. The CVSSv3 enhancements […]