Security

A new approach to segmentation that simply delivers more Network segmentation has been around for quite a while as a way to isolate environments and critical systems to secure data and IT assets. Recent breaches have highlighted the value of segmentation in reducing the attack surface and preventing the lateral movement of targeted malware. But […]

The recent discovery of Wekby and Point of Sale malware using DNS requests as a command and control channel highlights the need to consider DNS as a potentially malicious channel. Although a skilled analyst may be able to quickly spot unusual activity because they are familiar with their organisation’s normal DNS activity, manually reviewing DNS […]

Vulnerability discovered by Aleksandar Nikolic of Cisco Talos. Talos is disclosing the presence of CVE-2016-4324 / TALOS-CAN-0126, a Use After Free vulnerability within the RTF parser of LibreOffice. The vulnerability lies in the parsing of documents containing both stylesheet and superscript tokens. A specially crafted RTF document containing both a stylesheet and superscript element causes […]

Cisco Further Expands Technology Partner Ecosystem – New Partners and New Tech Integration Areas  Security is an interconnected system, not a bunch of disparate boxes.  Like a school of fish, security should operate collaboratively to accomplish a goal. Not just for the sake of “integration”, but because the very nature of securing networks, applications and […]

We can no longer debate the reality of digital disruption and its impact on each of us in all we do, at work, at home and at play. Today’s challenge is to embrace the connected world and address security on a comprehensive continuum to ensure its optimum impact. To do this, we must look at […]

The Department of Homeland Security (DHS) issued a SAFETY Act Certification to Cisco for our Advanced Malware Protection for Networks technology. This certification follows an extensive DHS review and extends potential liability protections to Cisco’s customers that use AMP for Networks. Congrats to Cisco Systems, Inc., on their recent SAFETY Act Certification! More at: https://t.co/gDaVn0Pzkxpic.twitter.com/zHsmf1YajT […]

These vulnerabilities were discovered by Yves Younan. Pidgin is a universal chat client that is used on millions of systems worldwide. The Pidgin chat client enables you to communicate on multiple chat networks simultaneously. Talos has identified multiple vulnerabilities in the way Pidgin handles the MXit protocol. These vulnerabilities fall into the following four categories. […]

libarchive is an open-source library that provides access to a variety of different file archive formats, and it’s used just about everywhere. Cisco Talos has recently worked with the maintainers of libarchive to patch three rather severe bugs in the library. Because of the number of products that include libarchive in their handling of compressed […]

New email security release adds spoofing protection, auto-remediation of malware for Office 365 customers, AMP Private Cloud, and more. There’s been a spike in ransomware and spear-phishing attacks in the last several months. Read any news outlet and you’ll find examples of health records and other valuable data being locked up, employees duped into releasing […]