Snort

February 16, 2017

THREAT RESEARCH

Cisco Coverage for ‘Magic Hound’

‘Magic Hound’ is the code name used to reference a seemingly limited series of malware distribution campaigns that were observed targeting organizations in Saudi Arabia as well as organizations with business interests in Saudi Arabia. Similar to other malware distribution campaigns that Talos has observed and documented, this series of campaigns made use of phishing […]

December 15, 2015

NETWORKING

Snort your way to PCI compliance

When organizations look to secure their retail stores, branches, or points-of-sale, meeting the required mandates for Payment Card Industry (PCI) security compliance quickly becomes the number one prioritized focus area. In fact, the 2015 Verizon PCI compliance report demonstrates this when it states that the number of companies that fully complied with the payment card industry (PCI) […]

November 10, 2015

THREAT RESEARCH

Microsoft Patch Tuesday – November 2015

Microsoft’s Patch Tuesday has arrived. Today, Microsoft has released their monthly set of security bulletins designed to address security vulnerabilities within their products. This month’s release contains 12 bulletins addressing 53 vulnerabilities. Four bulletins are rated critical and address vulnerabilities in Edge, Internet Explorer, Windows Journal, and Windows. The remaining eight bulletins are rated important […]

August 6, 2015

SECURITY

Securing the IoE with OpenAppID

We introduced OpenAppID in early 2014 with the goal of empowering customers and the open source community to control application usage in their network environments. Since then, we have increased our coverage from 1,000 OpenAppID detectors to more than 2,600, and have received valuable feedback from the community on ways to improve the product. The […]

June 24, 2015

PERSPECTIVES

Like Chalk and Cheese: Cisco ASA 5506-X with Release 9.4.1 – Policy Based Routing

Earlier this year, Cisco introduced the Cisco ASA 5506-X with FirePOWER Services. This model should replace the successful and smallest Security...

April 1, 2015

THREAT RESEARCH

Research Spotlight: Project FTR

Intro: Historically, networks have always been at risk for new, undiscovered threats. The risk of state sponsored hackers or criminal organizations utilizing 0-day was a constant, and the best defense was simply to keep adding on technologies to maximize the odds of detecting the new threat – like adding […]

February 18, 2015

THREAT RESEARCH

Equation Coverage

Cisco Talos is aware of the public discourse surrounding the malware family dubbed “The Equation Family”. As of February 17th the following rules (33543 – 33546 MALWARE-CNC Win.Trojan.Equation) were released to detect the Equation Family traffic. These rules may be found in the Cisco FireSIGHT Management Console (Defense Center), or in the Subscriber Ruleset on […]

January 15, 2015

PERSPECTIVES

Cisco ASA with FirePOWER Services – How to get infected

On October 7, 2013 Cisco completed the acquisition of Sourcefire. At that time, I recognized this via Twitter and checked out the products on their website. I was excited to...

December 11, 2014

SECURITY

Reintroducing Snort 3.0

A little more than a year ago when Sourcefire became a part of Cisco, we reaffirmed our commitment to open source innovation and pledged to continue support for Snort and other open source projects. Our announcement of the OpenAppID initiative earlier this year was one of several ways we have delivered on this promise. Today we are […]