Security

1 min read

Discovered by Marcin ‘Icewall’ Noga of Cisco Talos. Talos are today releasing a new vulnerability discovered within the Lexmark Perceptive Document Filters library. TALOS-2017-0302 allows for information disclosure using specifically crafted files. Overview The vulnerability is present in the Lexmark Document filter parsing engine which is used across a wide range of services such as […]

3 min read

Earlier this month, I wrote about the need for a holistic security strategy for the Internet of Things (IoT). It’s more than securing a ‘thing’ within the IoT – it’s about building resilience for the whole system. Cyber resilience is about managing risk; identifying potential risks, evaluating the likelihood of them occurring and their negative […]

3 min read

When I ask the question of Healthcare CIOs and CISOs “What keeps you up at night?” one of the most common answers I receive – after the usual jokes about indigestion, or the snoring spouse, is the problem of what to do about securing medical devices in our hospitals. Most healthcare executives are acutely aware […]

1 min read

On Friday, April 14, the actor group identifying itself as the Shadow Brokers released new information containing exploits for vulnerabilities that affect various versions of Microsoft Windows as well as applications such as Lotus Domino. Additionally, the release included previously unknown tools, including an exploitation framework identified as “FUZZBUNCH.” Preliminary analysis of the information suggested […]

1 min read

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between April 7 and April 14. As with previous round-ups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavior characteristics, indicators of compromise, and how our customers are automatically […]

1 min read

Over the past week, information regarding a serious zero-day vulnerability (CVE-2017-0199) in Microsoft Office was publically disclosed. Since learning of this flaw, Talos has been actively investigating the issue. Preliminary reports indicated that this vulnerability was actively being exploited in the wild and used to compromise hosts with Dridex, a well-known banking trojan. On Tuesday, […]

2 min read

Global analyst firm IDC recently named Cisco AMP for Endpoints a leader amongst endpoint security solutions in their report, “IDC Marketscape: Worldwide Endpoint Specialized Threat Analysis and Protection 2017 Vendor Assessment” (April 2017, IDC #US42385717). The IDC study examines market-leading endpoint security solutions from 11 different vendors, based on a variety of different parameters, including solution […]

1 min read

Today we bring you April’s Microsoft Patch Tuesday information for vulnerabilities in Outlook, Edge, Internet Explorer, Hyper-V, .NET, and Scripting Engine.

3 min read

Win with Network Monitoring The Cisco Security Incident Response Service team works every day with customers who have either experienced a data breach or have engaged our team to help ensure they are prepared for an incident before it occurs. Our incident responders recently worked with a client whose organization had been targeted with destructive […]