Security

1 min read

This post is authored by Paul Rascagneres with contributions from Alex McDonnell Executive Summary Talos has discovered a new spam campaign used to infect targets with the well known  Loki Bot stealer. The infection vector is an RTF document abusing an old exploit (CVE-2012-1856), however the most interesting part is the effort put into the […]

2 min read

Elavon is the fourth-largest payment processing company in the world. They process more than 3 billion transactions annually, worth more than $300 billion. Elavon has more than a million customers and is a leading payment solutions provider for airlines and a top five provider for hospitality, healthcare, and retail. With a globally distributed network that […]

1 min read

Overview LabVIEW is a system design and development platform released by National Instruments. The software is widely used to create applications for data acquisition, instrument control and industrial automation. Talos is disclosing the presence of a code execution vulnerability and a memory corruption vulnerability which can be triggered by opening specially crafted VI files, the […]

2 min read

Today, we released the first Cisco IOS & IOS XE Software Security Advisory Bundled Publication of 2017. (As a reminder, Cisco discloses vulnerabilities in Cisco IOS and IOS XE Software on a predictable schedule—the fourth Wednesday of March and September in each calendar year).  Today’s edition of the Cisco IOS & IOS XE Software Security Advisory […]

3 min read

[Blog authored by Aaron Weis and Samuel Wigley] Cisco has been measuring our security products’ median “time to detection” (TTD) — the window of time between a compromise and detection of a threat — since 2015. This exercise is a way for us to benchmark our progress, and continually refine our approach, to detecting threats. […]

1 min read

The post was authored by Sean Baird, Edmund Brumaghin and Earl Carter, with contributions from Jaeson Schultz. Executive Summary The Necurs botnet is the largest spam botnet in the world. Over the past year it has been used primarily for the distribution of Locky ransomware and Dridex. Earlier this year, we wrote about how the […]

1 min read

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed over the past week. As with previous round-ups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavior characteristics, indicators of compromise, and how our customers are automatically protected from […]

2 min read

If you are reading this blog then you most likely understand that APIs allow inter-working among products. In the context of Firepower Management Center, the REST APIs allow programming of the Firepower devices to allow one to automatically provision devices, deploy policies and controls, and monitor device health. In this blog I will try to […]

1 min read

Following a sparse February patch Tuesday, today’s March release brings a bumper crop of fixed vulnerabilities: 17 bulletins covering 140 different vulnerabilities, 47 of which are rated as critical. The critical vulnerabilities affect Internet Explorer, Edge, Hyper-V, Windows PDF Library, Microsoft SMB Server, Uniscribe, Microsoft Graphics Component, Adobe Flash Player and Microsoft Windows. 92 vulnerabilities […]