Raspberry Robin: Highly Evasive Worm Spreads over External Disks
During our threat hunting exercises in recent months, we’ve started to observe a distinguishing pattern of msiexec.exe usage across different endpoints.
Ways of structuring the presentation of machine-generated alerts, so that each alert offers a cohesive and compelling narrative.
This blog post contains the Cognitive Intelligence Team's observations of Gamaredon Group's activities during the month of March 2022.
We all know what alert fatigue is. In this blog, we explore how we tackle it. How does our Alert Fusion system work?
In this blog we summarise the Emotet threat, its lifecycle and typical detectable patterns. In the second part of the blog we show how to use GTA.
Security professionals are working to assess their exposure to the Apache Log4j vulnerability (CVE-2021-44228). Here is a guide on how to respond.
Network telemetry can identify user behaviors, malicious tools installed in enterprise environments, and malware itself. Are you applying a global view to your network? If not, read on to learn more.
The Threatwall is a live display of threats on open conference wireless networks wherever it is deployed, such as Cisco Live or WMC, providing valuable insights on network traffic trends.
The Command Line Argument Clustering algorithm is an innovative weapon that helps security analysts uncover evasive malware and morphing threats in their environments.