Security

1 min read

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between August 11 and August 18. As with previous round-ups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavior characteristics, indicators of compromise, and how our customers are automatically […]

3 min read

On May 30, 2017, Cisco and IBM Security announced a key relationship to address the rising tide of security threats and the need to respond rapidly. Cisco and IBM Security will work together to offer specific product integrations, a managed security service provider (MSSP) roadmap, and threat intelligence collaboration programs. The relationship focuses on making […]

1 min read

This post was authored by Dave Liebenberg In the past few months, Talos has observed an uptick in the number of Chinese websites offering online DDoS services. Many of these websites have a nearly identical layout and design, offering a simple interface in which the user selects a target’s host, port, attack method, and duration […]

3 min read

Email continues to be both the number one way business people across the globe communicate, as well as the number one threat vector that can endanger the very thing it is trying to enable, getting business done.  However, our global economy means now, more than ever, senders and receivers of email can be anywhere in […]

1 min read

Since public disclosure in April 2017, CVE-2017-0199 has been frequently used within malicious Office documents. The vulnerability allows attackers to include Ole2Link objects within RTF documents to launch remote code when HTA applications are opened and parsed by Microsoft Word. In this recent campaign, attackers combined CVE-2017-0199 exploitation with an earlier exploit, CVE-2012-0158, possibly in […]

1 min read

This blog was authored by Paul Rascagneres. Introduction JavaScript is frequently used by malware authors to execute malicious code on Windows systems because it is powerful, natively available and rarely disabled. Our previous article on .NET analysis generated much interest relating to how to use WinDBG to analyse .js files. In this post we extend our description of […]

8 min read

In our previous blog posts about AMP and Threat Grid on Cisco Email Security, we have discussed the approach to email security, that organizations could take to protect themselves against advanced threats. We have as well discussed the components of the solution and how they work together to protect customers from the number one threat […]

1 min read

Microsoft has released its monthly set of security advisories for vulnerabilities that have been identified and addressed in various products. This month’s advisory release addresses 48 new vulnerabilities with 25 of them rated critical, 21 rated important, and 2 rated moderate. These vulnerabilities impact Edge, Hyper-V, Internet Explorer, Remote Desktop Protocol, Sharepoint, SQL Server, the […]

1 min read

Parser vulnerabilities in common software packages such as Adobe Acrobat Reader pose a significant security risk to large portions of the internet. The fact that these software packages typically have a large footprints often gives attackers a broad attack surface they can potentially leverage for malicious purposes. Thus, identifying vulnerabilities and responsibly disclosing them is […]