cyber attack

We speak to Cisco Talos’ US Outreach Team lead Nick Biasini about the unfolding events of the REvil ransomware campaign and Kaseya VSA supply chain attack.

Mapping Cisco Security Products to NIST Cybersecurity Framework Categories. We discuss the basics of NIST then extend the mapping done earlier.

This blog supports our ATT&CK thought leadership material by focusing on our application and workload security story, including how we at Cisco protect our own software.

It's easy to overlook essential suppliers, partners, and service providers as possible pathways for cyberattacks. But the shocking cyberattack discovered in December shined a bright light on supply chain vulnerabilities, showing how trust can be exploited.

Organizations must remain constantly alert to detect and defend against the latest cybersecurity threats. Taking basic protection steps can go a long way in reducing vulnerabilities.

In our first blog, we introduced the Magic of Mitigations. They’re the key to getting started with MITRE ATT&CK. Now let’s look at some of the most magical ones, starting today with Behavior Prevention on Endpoint (M1040), Exploit Protection (M1050) and Execution Prevention (M1038). Wait, what’s the difference? At a quick glance, they might all […]

When learning new things, sometimes we need to slow down and take it all in. For me, understanding MITRE ATT&CK was like that. Sure, the notion of thinking like an attacker made sense, and its structure was clear. Then came the “now what?” moment. Soon I discovered the key to getting started. May I share it with you?

Cisco's Computer Security Incident Response Team (CSIRT) detected a large and ongoing malspam campaign leveraging the .IMG file extension to bypass automated malware analysis tools and infect machines with a variety of Remote Access Trojans. During our investigation, we observed multiple tactics, techniques, and procedures (TTPs) that defenders can monitor for in their environments. Our incident response and security monitoring team's analysis on a suspicious phishing attack uncovered some helpful improvements in our detection capabilities and timing.

Use the latest Cisco cybersecurity report to understand the current cyber threat landscape, and test how your organization would perform against these attacks.