Determining the 10 most critical vulnerabilities on your network
Learn how to take threat intelligence data available in Cisco Vulnerability Management and use it to uncover trends in Cisco Secure Firewall, uncovering new insights.
Exploits
The myth of the long-tail vulnerability
A long tail distribution of exploit attempts sounds reasonable. But is this how exploitation attempts really play out? Do attackers abandon exploits after a certain stage? To answer these questions, we’ll look at Snort data from Cisco Secure Firewall.
Threat Trends: Snort IPS
In this ThreatWise TV episode we look at how Snort can be used to protect organizations, analyze Snort telemetry, and talk about what attackers often target.
Threat Trends: Vulnerabilities
Are the most talked about vulnerabilities the same as those that are most widely used in attacks?
Vulnerability Spotlight: TALOS-2017-0393 / CVE-2017-2886 – ACDSee Ultimate 10 Remote Code Execution Vulnerability
Overview Talos has discovered a remote code execution vulnerability in the ACDSee Ultimate 10 application from ACD Systems International Inc. Exploiting this vulnerabilities can potentially allow an attacker to gain full control over the
When combining exploits for added effect goes wrong
Since public disclosure in April 2017, CVE-2017-0199 has been frequently used within malicious Office documents. The vulnerability allows attackers to include Ole2Link objects within RTF documents to launch remote code when HTA applications are opened
Modified Zyklon and plugins from India
Streams of malicious emails Talos inspects every day usually consist of active spamming campaigns for various ransomware families, phishing campaigns and the common malware family suspects such as banking Trojans and bots.. It is however often more
Cisco 2014 Midyear Security Report: Exploit Kit Creators Vying for ‘Market Leader’ Role
Even in the world of cybercrime, when a top “vendor” drops out of the market, competitors will scurry to fill the void with their own products. As reported in the Cisco 2014 Midyear Security Report, when Paunch—the alleged creator and
Introducing Kvasir
Cisco’s Advanced Services has been performing penetration tests for our customers since the acquisition of the Wheel Group in 1998. We call them Security Posture Assessments, or SPA for short, and I’ve been pen testing for just about as