Articles
Threat Spotlight: Spam Served With a Side of Dridex
5 min read
This post was authored by Nick Biasini with contributions from Kevin Brooks Overview The use of macro-enabled Word documents has exploded over the last year, with Dridex a primary example of the payload they deliver. Last week, Talos researchers identified another short-lived spam campaign that was delivering a new variant of Dridex. This particular campaign lasted less than […]
Research Spotlight: FreeSentry Mitigating use-after-free Vulnerabilities
13 min read
This post was authored by Earl Carter & Yves Younan. Talos is constantly researching the ways in which threat actors take advantage of security weaknesses to exploit systems. Use-after-free vulnerabilities have become an important class of security problems due to the existence of mitigations that protect against other types of vulnerabilities, such as buffer overflows. […]
Research Spotlight: Project FTR
3 min read
Intro Historically, networks have always been at risk from new, undiscovered threats. The risk of state-sponsored hackers or criminal organizations utilizing a 0-day was a constant, and the best defense was simply to keep adding on technologies to maximize the odds of detecting the new threat – like adding […]
Threat Spotlight: Dyre/Dyreza: An Analysis to Discover the DGA
12 min read
This post was authored by Alex Chiu & Angel Villegas. Overview Banking and sensitive financial information is a highly coveted target for attackers because of the high value and obvious financial implications. In the past year, a large amount of attention has been centered on Point of Sale (PoS) malware due to its major role in […]
Threat Spotlight: The Imperiosus Curse – A Tool of the Dark Arts
9 min read
Authors: William Largent, Jaeson Schultz, Craig Williams. Special thanks to Richard Harman for his contributions to this post. As consumers, we are constantly bombarded by advertising, especially on the World Wide Web. There is a lot of money to be made either pushing Internet traffic, or displaying ads to consumers. Total annual Internet advertising revenue from […]
Research Spotlight: Exploiting Use-After-Free Vulnerabilities
2 min read
This blog post was authored by Earl Carter & Yves Younan. Talos is constantly researching the ways in which threat actors take advantage of security weaknesses to exploit systems. Yves Younan of Talos will be presenting at CanSecWest on Friday March 20th. The topic of his talk will be FreeSentry, a software-based mitigation technique developed […]
Threat Spotlight: PoSeidon, A Deep Dive Into Point of Sale Malware
6 min read
This post was authored by Andrea Allievi, Ben Baker, Nick Biasini, JJ Cummings, Douglas Goddard, William Largent, Angel Villegas, and Alain Zidouemba Cisco’s Security Solutions (CSS) consists of information security experts with a unique blend of law enforcement, enterprise security and technology security backgrounds. The team works directly with Cisco’s Talos Security Intelligence & Research […]
Talos Discovery Spotlight: Hundreds of Thousands of Google Apps Domains’ Private WHOIS Information Disclosed
5 min read
This post was authored by Nick Biasini, Alex Chiu, Jaeson Schultz, and Craig Williams. Special thanks to William McVey for his contributions to this post. Table of Contents Overview WHOIS Privacy Protection Why Does This Exist The Issue Implications for the Good/Bad Guys Current State and Mitigations Disclosure Timeline Conclusion Footnotes Overview In mid-2013, a problem […]
Microsoft Patch Tuesday for March 2015: 14 Bulletins Released; FREAK Patched
5 min read
Today, Microsoft released its monthly set of security bulletins designed to address security vulnerabilities within its products. This month’s release contains a total of 14 bulletins, which address 45 CVEs. The first 5 bulletins are rated critical and address vulnerabilities within Internet Explorer, Office, Windows, and VBScript. The remaining 9 bulletins are […]