How Malformed RTF Defeats Security Engines
1 min read
This post is authored by Paul Rascagneres with contributions from Alex McDonnell. Executive Summary: Talos has discovered a new spam campaign used to infect targets with the well-known Loki Bot stealer. The infection vector is an RTF document abusing an old exploit (CVE-2012-1856), however the most interesting part is the effort put into the […]
Payment Processor Secures Global Network with Stealthwatch
2 min read
Elavon is the fourth-largest payment processing company in the world. They process more than 3 billion transactions annually, worth more than $300 billion. Elavon has more than a million customers and is a leading payment solutions provider for airlines and a top five provider for hospitality, healthcare, and retail. With a globally distributed network that […]
Vulnerability Spotlight: Code Execution Vulnerability in LabVIEW
1 min read
Overview: LabVIEW is a system design and development platform released by National Instruments. The software is widely used to create applications for data acquisition, instrument control and industrial automation. Talos is disclosing the presence of a code execution vulnerability and a memory corruption vulnerability which can be triggered by opening specially crafted VI files, the […]
March 2017 Cisco IOS & IOS XE Software Bundled Publication
2 min read
Today, we released the first Cisco IOS & IOS XE Software Security Advisory Bundled Publication of 2017. (As a reminder, Cisco discloses vulnerabilities in Cisco IOS and IOS XE Software on a predictable schedule—the fourth Wednesday of March and September in each calendar year). Today’s edition of the Cisco IOS & IOS XE Software Security Advisory […]
“Time to Evolve” Analysis Yields New Insight on Malware Obfuscation Techniques and Adds Dimension to “Time to Dete …
3 min read
[Blog authored by Aaron Weis and Samuel Wigley] Cisco has been measuring our security products’ median “time to detection” (TTD) — the window of time between a compromise and detection of a threat — since 2015. This exercise is a way for us to benchmark our progress, and continually refine our approach, to detecting threats. […]
Necurs Diversifies Its Portfolio
1 min read
The post was authored by Sean Baird, Edmund Brumaghin and Earl Carter, with contributions from Jaeson Schultz. Executive Summary: The Necurs botnet is the largest spam botnet in the world. Over the past year it has been used primarily for the distribution of Locky ransomware and Dridex. Earlier this year, we wrote about how the […]
Threat Round-up for the Week of Mar 13 – Mar 17
1 min read
Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed over the past week. As with previous round-ups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavior characteristics, indicators of compromise, and how our customers are automatically protected from […]
How to get started on programming Firepower using FMC APIs?
2 min read
If you are reading this blog then you most likely understand that APIs allow inter-working among products. In the context of Firepower Management Center, the REST APIs allow programming of the Firepower devices to allow one to automatically provision devices, deploy policies and controls, and monitor device health. In this blog I will try to […]
Microsoft Patch Tuesday – March 2017
1 min read
Following a sparse February patch Tuesday, today’s March release brings a bumper crop of fixed vulnerabilities: 17 bulletins covering 140 different vulnerabilities, 47 of which are rated as critical. The critical vulnerabilities affect Internet Explorer, Edge, Hyper-V, Windows PDF Library, Microsoft SMB Server, Uniscribe, Microsoft Graphics Component, Adobe Flash Player and Microsoft Windows. 92 vulnerabilities […]