Threat

Blog post

Threat Round-up for Apr 21 – Apr 28

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between April 21 and April 28. As with previous round-ups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavior characteristics, indicators of compromise, and how our customers are automatically […]

April 28, 2017 1 min read

Malicious Microsoft Office Documents Move Beyond InkPicture

In late August we began to detect malicious Microsoft Word documents that contained VisualBasic (VB) macro code and the code appeared to be triggering when the document was opened. However, the documents did not contain any of the standard events used to launch VB macro code when a document is opened, including Document_Open, or Auto_Open events. Upon […]

October 19, 2016 3 min read

We Hear You: Retail Security Should Be Simple and SAFE

Retailers are in the business to sell, not to be stolen from. And they don’t set up shop to buy security products from companies like Cisco. However, attackers who target retailers have discovered that it’s much more lucrative to shoplift virtually rather than physically. So even if you focus on security rather than selling, you […]

January 6, 2016 1 min read

Security Steps to Take in the Holiday Season – and Beyond

Retail companies face a landscape filled with growing and increasingly complex threats. And the financial impact of these breaches is soaring. There are obvious financial incentives for attacking retailers because they typically don’t spend as much on security as financial institutions or government organizations, so they’ve become easy targets in recent years. According to Gartner, […]

December 18, 2015 2 min read

CVE-2015-0235: A GHOST in the Machine

This post was authored by Nick Biasini, Earl Carter, Alex Chiu and Jaeson Schultz. On Tuesday January 27, 2015, security researchers from Qualys published information concerning a 0-day vulnerability in the GNU C library. The vulnerability, known as “GHOST” (a.k.a. CVE-2015-0235), is a buffer overflow in the __nss_hostname_digits_dots() function. As a proof-of-concept, Qualys has detailed a remote exploit for […]

January 28, 2015 2 min read

Threat Spotlight: “Kyle and Stan” Malvertising Network 9 Times Larger Than Expected

This post was authored by Armin Pelkmann. On September 8th, Cisco’s Talos Security Intelligence & Research Group unveiled the existence of the “Kyle and Stan” Malvertisement Network. The network was responsible for placing malicious advertisements on big websites like amazon.com, ads.yahoo.com, www.winrar.com, youtube.com and 70 other domains. As it turns out, this was just the tip of the iceberg. Ongoing research now reveals […]

September 22, 2014 3 min read

Threat Spotlight: “Kyle and Stan” Malvertising Network Threatens Windows and…

This post was authored by Shaun Hurley, David McDaniel and Armin Pelkmann. Update 2014-09-22: Updates on this threat can be found here. Have you visited amazon.com, ads.yahoo.com, www.winrar.com, youtube.com, or any of the 74 domains listed below lately? If the answer is yes, then you may have been a victim of the “Kyle and Stan” […]

September 8, 2014 9 min read