Threat Research

Cisco Identifies Multiple Vulnerabilities in Network Time Protocol daemon (ntpd)

Cisco is committed to improving the overall security of the products and services our customers rely on. As part of this commitment, Cisco assesses the security of software components used in our products. Open source software plays a key role in many

October 21, 2015 • 1 min read

Talos Group

Dangerous Clipboard: Analysis of the MS15-072 Patch

This post was authored by Marcin Noga with contributions from Jaeson Schultz. Have you ever thought about how security researchers take a patch that has been released, and then reverse it to find the underlying security issue? Well, back In July

October 20, 2015 • 1 min read

Talos Group

Project Aspis

One of the hardest jobs on the Internet is to work the abuse desk at a hosting provider. These teams have to strike a difficult balance between protecting their customers, ensuring that their services aren’t being abused by malicious actors and

October 13, 2015 • 2 min read

Talos Group

Microsoft Patch Tuesday – October 2015

Microsoft’s Patch Tuesday has arrived. Today, Microsoft has released their monthly set of security bulletins designed to address security vulnerabilities within their products. This month’s release is fairly light with a total of 6 bulletins

October 13, 2015 • 4 min read

Talos Group

Threat Spotlight: Cisco Talos Thwarts Access to Massive International Exploit Kit Generating $60M Annually From Ransomwa

This post was authored by Nick Biasini with contributions from Joel Esler, Nick Hebert, Warren Mercer, Matt Olney, Melissa Taylor, and Craig Williams. Executive Summary Today, Cisco struck a blow to a group of hackers, disrupting a significant

October 6, 2015 • 3 min read

Talos Group

Vulnerability Spotlight: MiniUPnP Internet Gateway Device Protocol XML Parser Buffer Overflow

Vulnerability discovered by Aleksandar Nikolic of Cisco Talos. Post authored by Earl Carter and William Largent Talos is disclosing the discovery of an exploitable buffer overflow vulnerability in the the MiniUPnP library TALOS-2015-0035

October 2, 2015 • 3 min read

Talos Group

Down the Rabbit Hole: Botnet Analysis for Non-Reverse Engineers

This post is authored by Earl Carter & Holger Unterbrink. Overview Talos is often tasked with mapping the backend network for a specific piece of malware. One approach is to first reverse engineer the sample and determine exactly how it operates.

September 30, 2015 • 9 min read

Talos Group

SYNful Knock Scanner

This post was authored by William McVey. Update 9/23: We updated the tool to version 1.0.1 Talos is constantly researching the ways in which threat actors are evolving to exploit systems. Recently, a piece of persistent malware coined as “SYNful

September 23, 2015 • 3 min read

Talos Group

When Does Software Start Becoming Malware?

This post was authored by Earl Carter, Alex Chiu, Joel Esler, Geoff Serrao, and Brandon Stultz. Defining what is malware relies on determining when undesirable behavior crosses the line from benign to clearly unwanted. The lack of a single standard

September 15, 2015 • 6 min read

Cisco Blogs

Threat Research

Our Favorite Topics:

Threat Research

Cisco Identifies Multiple Vulnerabilities in Network Time Protocol daemon (ntpd)

Dangerous Clipboard: Analysis of the MS15-072 Patch

Project Aspis

Microsoft Patch Tuesday – October 2015

Threat Spotlight: Cisco Talos Thwarts Access to Massive International Exploit Kit Generating $60M Annually From Ransomwa

Vulnerability Spotlight: MiniUPnP Internet Gateway Device Protocol XML Parser Buffer Overflow

Down the Rabbit Hole: Botnet Analysis for Non-Reverse Engineers

SYNful Knock Scanner

When Does Software Start Becoming Malware?