Determining the 10 most critical vulnerabilities on your network
Learn how to take threat intelligence data available in Cisco Vulnerability Management and use it to uncover trends in Cisco Secure Firewall, uncovering new insights.
The myth of the long-tail vulnerability
A long tail distribution of exploit attempts sounds reasonable. But is this how exploitation attempts really play out? Do attackers abandon exploits after a certain stage? To answer these questions, we’ll look at Snort data from Cisco Secure Firewall.
Snort 3: Rearchitected for Simplicity and Performance
Snort has become the standard by which all network intrusion detection systems are measured. Snort 3, released in January 2021 is a significant upgrade.
Microsoft Netlogon exploitation continues to rise
Cisco Talos is tracking a spike in exploitation attempts against the Microsoft vulnerability CVE-2020-1472, an elevation of privilege bug in Netlogon, outlined in the August Microsoft Patch Tuesday report. The vulnerability stems from a flaw in a cryptographic authentication scheme used by the Netlogon Remote Protocol which — among other things — can be used […]
Why we want users’ feedback on Snort rule documentation
Today, Talos is launching a new community survey to solicit feedback on SNORTⓇ documentation. When Snort alerts the end user, the rule documentation is their first and possibly only avenue...
2017 in Snort Signatures.
2017 was an eventful year for cyber security with high profile vulnerabilities that allowed self-replicating worm attacks such as WannaCry and BadRabbit to impact...
Threat Round Up for Nov 10 – Nov 17
Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between November 10 and November 17. As with previous round-ups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavior characteristics, indicators of compromise, and how our customers are automatically […]