The Shadow Brokers EPICBANANA and EXTRABACON Exploits
UPDATE April 20, 2017: Cisco continues to evaluate potential implications of the activities and information posted publicly by the Shadow Brokers Group. We launched an investigation to analyze the new files posted on April 14th, 2017, and so far have not found any new vulnerabilities or exploits that affect Cisco products and services. Cisco PSIRT will […]
CryptXXX Technical Deep Dive
0.0 Introduction: In our previous post we discussed the AMP ThreatGrid Research and Efficacy Team’s continuous support for ransomware attack vectors, generic behavior detection of undiscovered variants, and the creation of behavioral indicators once new variants are identified. In this post we’ll be discussing one of the more prevalent variants to surface in the wake […]
A Key Ingredient Organizations Need to Combat Advanced Cyber Threats
CFOs, and their technical counterparts, are leading board-room level strategic information security decisions. This isn’t a surprise. A recent Accenture study noted that 75 percent of CFOs are “getting in the driver seat” regarding technology investment decisions. Flexibility, with regard to both financial and technical considerations, is critical to a successful security strategy. CFOs are […]
Vulnerability Spotlight: Multiple Remote Code Execution Vulnerabilities Within Lexmark Perceptive Document Filters.
Vulnerabilities discovered by Tyler Bohan & Marcin Noga of Cisco Talos. Talos is today releasing three new vulnerabilities discovered within the Lexmark Perceptive Document Filters library. TALOS-2016-0172, TALOS-2016-0173 and TALOS-2016-0183 allow remote code execution using specially crafted files. These vulnerabilities are present in the Lexmark Document filter parsing engine which is used across […]
Vulnerability Spotlight: Rockwell Automation MicroLogix 1400 SNMP Credentials Vulnerability
This vulnerability was discovered by Patrick DeSantis. Description: Talos recently discovered a vulnerability in Allen-Bradley Rockwell Automation MicroLogix 1400 Programmable Logic Controllers (PLCs) related to the default configuration that is shipped with devices running affected versions of firmware. This vulnerability is due to the presence of an undocumented SNMP community string that could be leveraged […]
Cisco’s Knack for NAC – Cisco ISE Receives Frost & Sullivan Market Leadership Award
Infrastructure is aging, networks are expanding, and more devices are connecting. The Cisco 2016 Midyear Cybersecurity Report finds that attackers are remaining active and undetected for weeks, months, or even longer by taking advantage of well-known vulnerabilities that organizations should have addressed long ago. It isn’t unusual to find organizations using software and systems with […]
Vulnerability Spotlight: BlueStacks App Player Privilege Escalation
Discovered by Marcin ‘Icewall’ Noga of Cisco Talos. Talos is releasing an advisory for a vulnerability in BlueStacks App Player (TALOS-2016-0124/CVE-2016-4288). The BlueStacks App Player is designed to enable Android applications to run on Windows PCs and Macintosh computers. It’s commonly used to run popular Android games on these platforms. Details: A weak registry key […]
Cisco achieves 100% detection in Breach test
And why 100% detection is grossly misleading. It is with great pride that we received the latest Breach Detection Report from NSS Labs, in which Cisco achieved a 100% detection...
The Time Is Now for Organizations to Address Their Aging Infrastructure
Cisco has been working to draw attention to the hidden security risks organizations face by not properly maintaining their aging infrastructure and patching vulnerable systems. Threat actors, including ransomware operators, are using vulnerable Internet infrastructure as a foothold to launch their campaigns. The trends lead us to believe we should expect to see more of […]