mitigations

September 28, 2020

SECURITY

MITRE ATT&CK: The Magic of User Training

4 min read

How magical can user training be? You'll be surprised at what Cisco and MITRE ATT&CK make possible. Shared responsibility is what really matters.

April 2, 2015

THREAT RESEARCH

Research Spotlight: FreeSentry Mitigating use-after-free Vulnerabilities

13 min read

This post was authored by Earl Carter & Yves Younan. Talos is constantly researching the ways in which threat actors take advantage of security weaknesses to exploit systems. Use-after-free vulnerabilities have become an important class of security problems due to the existence of mitigations that protect against other types of vulnerabilities, such as buffer overflows. […]

April 16, 2014

SECURITY

Cisco Live 2014 San Francisco: Security Technology Track

7 min read

Cisco Live, May 18-24, 2014, is quickly approaching and registration is open. This is the 25th anniversary of Cisco Live and we return to the Bay Area at San Francisco's Moscone Center. Educational sessions are organized into technology tracks to make it easy to find the topics that most interest you. With network and data security being top of mind, I'd like to highlight the Security technology track's exciting content lineup.

May 1, 2013

SECURITY

Coordinated Attacks Against the U.S. Government and Banking Infrastructure

8 min read

Prologue On April 10, 2013, a collective of politically motivated hacktivists announced a round of planned attacks called #OPUSA. These attacks, slated to begin May 7, 2013, are to be launched against U.S.-based targets. #OPUSA is a follow-up to #OPISRAEL, which were a series of attacks carried out on April 7 against Israeli-based targets. Our goal here is to […]

April 5, 2013

SECURITY

Cross-Site Request Forgery Attacks and Mitigations

1 min read

Cross-Site Request Forgery (CSRF) attacks: there are already enough articles out there that can explain what a CSRF attack is and provide potential examples. There are also plenty of security alerts that have been released by various vendors whose products are affected by CSRF-related vulnerabilities. CSRF attacks usually target web applications and attempt to make […]