- Our Favorite Topics:
From Privacy to Trust and ROI
3 min read
The latest Cisco Data Privacy Benchmark Study provides groundbreaking research and insights on keeping data safe, earning customer trust and maximizing investments in data privacy.
Threat Roundup for January 17 to January 24
1 min read
Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between Jan 17 and Jan 24. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how our customers are […]
Breaking down a two-year run of Vivin’s cryptominers
1 min read
News Summary There is another large-scale cryptomining attack from an actor we are tracking as “Vivin” that has been active since at least November 2017. “Vivin” has consistently evolved over the past few years, despite having poor operational security and exposing key details of their campaign. By Andrew Windsor. Talos has identified a new threat […]
Threat Roundup for January 10 to January 17
1 min read
Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between Jan 10 and Jan 17. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how our customers are […]
JhoneRAT: Cloud based python RAT targeting Middle Eastern countries
1 min read
Today, Cisco Talos is unveiling the details of a new RAT we have identified we’re calling “JhoneRAT.” This new RAT is dropped to the victims via malicious Microsoft Office documents. The dropper, along with the Python RAT, attempts to gather information on the victim’s machine and then uses multiple cloud services: Google Drive, Twitter, ImgBB […]
Disk Image Deception
11 min read
Cisco's Computer Security Incident Response Team (CSIRT) detected a large and ongoing malspam campaign leveraging the .IMG file extension to bypass automated malware analysis tools and infect machines with a variety of Remote Access Trojans. During our investigation, we observed multiple tactics, techniques, and procedures (TTPs) that defenders can monitor for in their environments. Our incident response and security monitoring team's analysis on a suspicious phishing attack uncovered some helpful improvements in our detection capabilities and timing.
New Snort rules protect against recently discovered Citrix vulnerability
1 min read
By Edmund Brumaghin, with contributions from Dalton Schaadt. Executive Summary Recently, the details of a critical vulnerability affecting Citrix Application Delivery Controller and Citrix Gateway servers were publicly disclosed. This vulnerability is currently being tracked using CVE-2019-19781. A public patch has not yet been released, however, Citrix has released recommendations for steps that affected organizations […]
Tour the RSA Conference 2020 Security Operations Center
1 min read
Register now for your free tour of the RSA Conference Security Operations Center (SOC), where engineers are monitoring all traffic on the Moscone Wireless Network for security threats. The SOC is sponsored by RSA and Cisco. Sign up for a guided tour, where we’ll show real time traffic in NetWitness Packets, plus advanced malware analysis, […]
Threat Roundup for January 3 to January 10
1 min read
Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between Jan 3 and Jan 10. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how our customers are […]
Cisco Cybersecurity Viewpoints
Where security insights and innovation meet. Read the e-book, see the video, dive into the infographic and more...
Why Cisco Security?
Explore our Products & Services
3