This post was authored by Nick Biasini and Joel Esler Talos has observed an explosion of malicious downloaders in 2015 which we’ve documented on several occasions on our blog. These downloaders provide a method for attackers to push different types of
To address today’s evolving threat landscape, there’s been a shift from traditional event-driven security to intelligence-led security. Threat intelligence plays an integral role in this shift. When you hear the term “Threat Intelligence,” it’s easy
Cyber-Security: it has always been important for video entertainment companies. But times have changed- now it’s mission critical. Top of mind again this last few days, the events of the...
This post was authored by Alex Chiu & Angel Villegas. Overview Banking and sensitive financial information is a highly coveted target for attackers because of the high value and obvious financial implications. In the past year, a large amount of
Cisco Talos is aware of the public discourse surrounding the malware family dubbed “The Equation Family”. As of February 17th the following rules (33543 – 33546 MALWARE-CNC Win.Trojan.Equation) were released to detect the Equation Family
The Cisco 2015 Annual Security Report highlights many creative techniques that attackers are exploiting to conceal malicious activity, often taking advantage of gaps in security programs. They are continually refining and developing new techniques to
Advanced malware is dynamic, elusive, and evasive. Once it slithers into the organization’s extended network, it can very quickly proliferate, cause problems, and remain undetected by traditional point-in-time security tools. These tools poll or
This post was authored by Christopher Marczewski with contributions from Craig WIlliams *This blog post has been updated to include Command and Control IP addresses used by the malware. A new piece of wiper malware has received quite a bit of media
This post was authored by Alex Chiu and Shaun Hurley. Last month, Microsoft released a security bulletin to patch CVE-2014-6332, a vulnerability within Windows Object Linking and Embedding (OLE) that could result in remote code execution if a user
