Security @ Cisco Blogs

Security

Threat Spotlight: Cisco Talos Thwarts Access to Massive International Exploit Kit Generating $60M Annually From Ransomwa

This post was authored by Nick Biasini with contributions from Joel Esler, Nick Hebert, Warren Mercer, Matt Olney, Melissa Taylor, and Craig Williams. Executive Summary Today, Cisco struck a blow to a group of hackers, disrupting a significant

October 6, 2015 • 3 min read

Omar Santos

Improvements to Cisco’s Security Vulnerability Disclosures

Cisco is committed to protecting customers by sharing critical security-related information in different formats. Guided by customer feedback, Cisco’s Product Security Incident Response Team (PSIRT) is seeking ways to improve how we communicate

October 5, 2015 • 5 min read

Talos Group

Vulnerability Spotlight: MiniUPnP Internet Gateway Device Protocol XML Parser Buffer Overflow

Vulnerability discovered by Aleksandar Nikolic of Cisco Talos. Post authored by Earl Carter and William Largent Talos is disclosing the discovery of an exploitable buffer overflow vulnerability in the the MiniUPnP library TALOS-2015-0035

October 2, 2015 • 3 min read

Mary Ellen Zurko

Looking Into a Crystal Ball for the Future of Cybersecurity

Every once in a while you need to take a step back, and think about the future. Where’s a good place to look for high risk, high opportunity ideas in the future of computer security? New Security Paradigms Workshop (NSPW) is a crystal ball view into

October 2, 2015 • 3 min read

Talos Group

Down the Rabbit Hole: Botnet Analysis for Non-Reverse Engineers

This post is authored by Earl Carter & Holger Unterbrink. Overview Talos is often tasked with mapping the backend network for a specific piece of malware. One approach is to first reverse engineer the sample and determine exactly how it operates.

September 30, 2015 • 9 min read

Tom Hogue

Point of Persistence

Several recent cyber attacks have served as great reminders that we need to continue to re-assess how we are protecting our networks and ensure that we make no assumptions of any device being secure in the network. One example of this is “SYNFul

September 25, 2015 • 2 min read

Erin Float

It’s That Time Again—Announcing the Cisco IOS & XE Software Security Advisory Bundled Publication

Today, we released the last Cisco IOS & XE Software Security Advisory Bundled Publication of 2015. As a reminder, Cisco discloses IOS vulnerabilities on a predictable schedule (the fourth Wednesday of March and September each calendar year). Last

September 23, 2015 • 1 min read

Talos Group

SYNful Knock Scanner

This post was authored by William McVey. Update 9/23: We updated the tool to version 1.0.1 Talos is constantly researching the ways in which threat actors are evolving to exploit systems. Recently, a piece of persistent malware coined as “SYNful

September 23, 2015 • 3 min read

Michal Svoboda

Cognitive Research: Fake Blogs Generating Real Money

Summary In the past several months Cisco Cognitive Threat Analytics (CTA) researchers have observed a number of blog sites using either fake content or content stolen from other sites to...

September 23, 2015 • 5 min read

Cisco Blogs

Security

Our Favorite Topics:

Security

Threat Spotlight: Cisco Talos Thwarts Access to Massive International Exploit Kit Generating $60M Annually From Ransomwa

Improvements to Cisco’s Security Vulnerability Disclosures

Vulnerability Spotlight: MiniUPnP Internet Gateway Device Protocol XML Parser Buffer Overflow

Looking Into a Crystal Ball for the Future of Cybersecurity

Down the Rabbit Hole: Botnet Analysis for Non-Reverse Engineers

Point of Persistence

It’s That Time Again—Announcing the Cisco IOS & XE Software Security Advisory Bundled Publication

SYNful Knock Scanner

Cognitive Research: Fake Blogs Generating Real Money

Cisco Cybersecurity Viewpoints

Why Cisco Security?