Threat Round-up for the Week of Mar 20 – Mar 24
Talos is publishing a summary glimpse into the most prevalent threats observed over the past week.
How Malformed RTF Defeats Security Engines
This post is authored by Paul Rascagneres with contributions from Alex McDonnell. Executive Summary: Talos has discovered a new spam campaign used to infect targets with the well-known Loki Bot stealer. The infection vector is an RTF document abusing an old exploit (CVE-2012-1856); however, the most interesting part is the effort put into the […]
Payment Processor Secures Global Network with Stealthwatch
Elavon is the fourth-largest payment processing company in the world. They process more than 3 billion transactions annually, worth more than $300 billion. Elavon has more than a million customers and is a leading payment solutions provider for airlines and a top five provider for hospitality, healthcare, and retail. With a globally distributed network that […]
Vulnerability Spotlight: Code Execution Vulnerability in LabVIEW
Overview: LabVIEW is a system design and development platform released by National Instruments. The software is widely used to create applications for data acquisition, instrument control and industrial automation. Talos is disclosing the presence of a code execution vulnerability and a memory corruption vulnerability which can be triggered by opening specially crafted VI files, the […]
March 2017 Cisco IOS & IOS XE Software Bundled Publication
Today, we released the first Cisco IOS & IOS XE Software Security Advisory Bundled Publication of 2017. (As a reminder, Cisco discloses vulnerabilities in Cisco IOS and IOS XE Software on a predictable schedule—the fourth Wednesday of March and September in each calendar year). Today’s edition of the Cisco IOS & IOS XE Software Security Advisory […]
“Time to Evolve” Analysis Yields New Insight on Malware Obfuscation Techniques and Adds Dimension to “Time to Dete …
[Blog authored by Aaron Weis and Samuel Wigley] Cisco has been measuring our security products’ median “time to detection” (TTD) — the window of time between a compromise and detection of a threat — since 2015. This exercise is a way for us to benchmark our progress, and continually refine our approach, to detecting threats. […]
Necurs Diversifies Its Portfolio
The post was authored by Sean Baird, Edmund Brumaghin and Earl Carter, with contributions from Jaeson Schultz. Executive Summary: The Necurs botnet is the largest spam botnet in the world. Over the past year it has been used primarily for the distribution of Locky ransomware and Dridex. Earlier this year, we wrote about how the […]
Threat Round-up for the Week of Mar 13 – Mar 17
Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed over the past week. As with previous round-ups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavior characteristics, indicators of compromise, and how our customers are automatically protected from […]
How to get started on programming Firepower using FMC APIs?
If you are reading this blog then you most likely understand that APIs allow inter-working among products. In the context of Firepower Management Center, the REST APIs allow programming of the Firepower devices to allow one to automatically provision devices, deploy policies and controls, and monitor device health. In this blog I will try to […]