- Our Favorite Topics:
Vulnerability Spotlight: Exploiting the Aerospike Database Server
1 min read
Vulnerabilities discovered by Talos Talos is disclosing multiple vulnerabilities discovered in the Aerospike Database Server. These vulnerabilities range from memory disclosure to potential remote code execution. This software is used by various companies that require a high performance NoSQL database. Aerospike fixed these issues in version 3.11. The Aerospike Database Server is both a distributed and […]
2016 – What a Year for Cisco Security
3 min read
What a giant year for Cisco Security! In 2016, we pursued our effective security architecture with innovative solutions – from the network to the endpoint to the cloud. I couldn’t...
Microsoft Patch Tuesday – January 2017
1 min read
Happy New Year to our readers! Today marks the first Patch Tuesday of 2017 with Microsoft releasing their monthly set of bulletins designed to address security vulnerabilities. This month’s release is relatively light with 4 bulletins addressing 3 vulnerabilities. Two bulletins are rated critical and address vulnerabilities in Office and Adobe Flash Player while the […]
Cisco Coverage for ‘GRIZZLY STEPPE’
1 min read
Over the past several weeks, there have been ongoing discussions regarding cyber attacks that have occurred against several political, governmental, and private sector entities in the United States. These discussions have revolved around allegations that these cyber attacks were designed to interfere with the 2016 U.S. Federal Elections as well as identifying who is responsible […]
The impact on network security through encrypted protocols – HTTP/2
4 min read
This is the start of a planned series of posts around the impact that new protocols are making on the way many of us deal with network security today. The protocols we have been using on the internet, mainly TCP with HTTP 1.1, have shown that they cannot deal with today’s requirements for fast and […]
IEC 104 Protocol Detection Rules
1 min read
IEC 60870-5-104 Protocol Detection Rules Cisco Talos has released 33 Snort rules which are used to analyze/inspect IEC 60870-5-104 network traffic. These rules will help Industrial Control Systems/Supervisory Control and...
Vulnerability Spotlight: Tarantool Denial of Service Vulnerabilities
1 min read
Vulnerabilities discovered by Talos Talos is disclosing two denial of service vulnerabilities (CVE-2016-9036 & CVE-2016-9037) in Tarantool. Tarantool is an open-source lua-based application server. While primarily functioning as an application server, it is also capable of providing database-like features and providing an in-memory database which can be queried using a protocol based around the MsgPack […]
In the Eye of the Hailstorm
1 min read
This blog post was authored by Jakob Dohrmann, David Rodriguez, and Jaeson Schultz. The Cisco Talos and Umbrella research teams are deploying a distributed hailstorm detection system which brings together machine learning, stream processing of DNS requests and the curated Talos email corpus. Talos has discussed snowshoe spam before. Traditional snowshoe spam campaigns are sent […]
To be Effective, Security Needs to Be a Force Multiplier
4 min read
Effective security is simple, open, and automated. We’ve already talked about simple and open. Now let’s talk about automated. Security admins can relate to this scenario. You just learned of an infected system in your environment of thousands of devices. How many others are affected? That’s hard to figure out even in elite operations. What […]
Cisco Cybersecurity Viewpoints
Where security insights and innovation meet. Read the e-book, see the video, dive into the infographic and more...
Why Cisco Security?
Explore our Products & Services
1