malware

January 25, 2016

SECURITY

Hiding in Plain Sight: Malware’s Use of TLS and Encryption

4 min read

Introduction: TLS (Transport Layer Security) is a cryptographic protocol that provides privacy for applications. TLS is usually implemented on top of common protocols such as HTTP for web browsing or SMTP for email. HTTPS is the usage of TLS over HTTP, which is the most popular way of securing communication between a web server and […]

December 14, 2015

SECURITY

Malware stealing gigabytes of your data as seen by Cognitive Threat Analytics

3 min read

This post is authored by Gayan de Silva and Martin Pospisil. Overview: Recently, about 50 users across 20 companies were alarmed by the Cisco Cognitive Threat Analytics (CTA) about...

September 30, 2015

THREAT RESEARCH

Down the Rabbit Hole: Botnet Analysis for Non-Reverse Engineers

9 min read

This post is authored by Earl Carter & Holger Unterbrink. Overview: Talos is often tasked with mapping the backend network for a specific piece of malware. One approach is to first reverse engineer the sample and determine exactly how it operates. But what if there is no time or resources to take the sample apart? […]

September 10, 2015

SECURITY

Security Beyond the Sandbox

3 min read

A few years ago sandboxing technology really came of age in the security industry. The ability to emulate an environment, detonate a file without risk of infection, and analyze its behavior became quite a handy research tool. Since then, sandboxes have become relatively popular (not nearly on the same scale as anti-virus or firewalls) and […]

August 7, 2015

SECURITY

Espionage in the Internet Age

2 min read

If you had asked me a few years ago, I might have predicted that the rise of large scale hacking and network-based Advanced Persistent Threats (APTs) would spell the end...

August 5, 2015

SECURITY

Continuous Analysis Yields Continuous Leadership Against Advanced Threats

2 min read

Organizations today have no shortage of challenges when it comes to cyber security and their growing IT infrastructure. Not only are the frequency and sophistication of malware attacks on the rise, but with the proliferation of mobility, BYOD, IoT, and cloud services, the number of entry points an attacker has into the network grows exponentially […]

June 22, 2015

PERSPECTIVES

Remembering the small things: IT Security

2 min read

There are many tasks and responsibilities of the (lone) IT sysadmin; they are sometimes varied, sometimes monotonous. We know what they are without thinking about them, as if they are unwritten commandments, specific to the IT world. Security has featured greatly in the world news over the past few years, and even more so within […]

May 4, 2015

THREAT RESEARCH

Threat Spotlight: Rombertik – Gazing Past the Smoke, Mirrors, and Trapdoors

9 min read

This post was authored by Ben Baker and Alex Chiu. Executive Summary: Threat actors and security researchers are constantly looking for ways to better detect and evade each other. As researchers have become more adept and efficient at malware analysis, malware authors have made an effort to build more evasive samples. Better static, dynamic, and automated analysis tools […]

April 20, 2015

THREAT RESEARCH

Threat Spotlight: Upatre – Say No to Drones, Say Yes to Malware

7 min read

This post was authored by Nick Biasini and Joel Esler. Talos has observed an explosion of malicious downloaders in 2015 which we’ve documented on several occasions on our blog. These downloaders provide a method for attackers to push different types of malware to endpoint systems easily and effectively. Upatre is an example of a malicious […]