Martin Lee

Technical Lead of Security Research within Talos, the threat intelligence and threat response group of Cisco.

Please visit my profile on the Talos blog site.

Articles

September 30, 2014

THREAT RESEARCH

Shellshock Exploits in the Wild

This post was authored by Joel Esler & Martin Lee. The recently discovered Bash vulnerability (CVE-2014-6271) potentially allows attackers to execute code on vulnerable systems. We have already blogged about the issue and provided more technical detail in a further blog. The rapid release of IPS signatures for our platforms allowed us to follow very […]

September 25, 2014

THREAT RESEARCH

Another Major Vulnerability Bashes Systems

Vulnerabilities that permit remote network attacks against ubiquitous software components are the nightmares of security professionals. On 24 September the presence of a new vulnerability, CVE-2014-6271, in the Bash shell, allowing remote code execution, was disclosed.

July 21, 2014

SECURITY

Old and Persistent Malware

Malware can find its way into the most unexpected of places. Certainly, no website can be assumed to be always completely free of malware. Typically, there are many ways that websites can be compromised to serve malware:

June 6, 2014

SECURITY

A Collection of Cryptographic Vulnerabilities.

The rustic origins of the English language are evident in the words left to us by our agricultural ancestors. Many words developed to distinguish groups of different animals, presumably to indicate their relevant importance. A ‘flock’ of sheep was more valuable than a single sheep, a ‘pack’ of wolves posed more danger than a single […]

April 28, 2014

SECURITY

IE Zero Day and VGX.dll

Update 5-1-2014: We can confirm Cisco customers have been targets of this attack. For the latest coverage information and additional details see our new post on the VRT blog. The recent discovery of a new Internet Explorer zero-day exploit underlines how exposed web browsers are to vulnerabilities for which a patch is yet to be released. Cisco is […]

March 20, 2014

SECURITY

Coordinated Website Compromise Campaigns Continue to Plague Internet

This post is co-authored with Levi Gundert and Andrew Tsonchev. Update 2014-03-21: For clarity, the old kernel is a common indicator on the compromised hosts. We are still investigating the vulnerability, and do not yet know what the initial vector is, only that the compromised hosts are similarly ‘old’. Update 2014-03-22: This post’s focus relates […]

March 4, 2014

SECURITY

Big Data Ecosystem Challenges

Information security is one of the largest business problems facing organisations. Log data generated from networks and computer systems can be aggregated, stored, and analysed to identify where misuse occurs. The enormous amount of data involved in these analyses is beyond the capability of traditional systems and requires a new, big data approach. Given the […]

February 25, 2014

SECURITY

Trust but Verify and Verify and Verify Again

Two recent disclosures show that often the weaknesses in cryptography lie not in the algorithms themselves, but in the implementation of these algorithms in functional computer instructions. Mathematics is beautiful. Or at least mathematics triggers the same parts of our brain that respond to beauty in art and music [1]. Cryptography is a particularly beautiful […]

January 8, 2014

SECURITY

Are Third Parties Your Greatest Weakness?

There are many advantages in outsourcing functions to specialist providers that can supply services at lower cost and with more functionality than could be supplied in-house. However, companies should be aware that when buying services, you may also be buying risk. Organisations that have successfully implemented strategies to reduce the probability of experiencing a breach, […]