threat

September 9, 2019

SECURITY

The Value of Threat Hunting

Threat hunting, i.e. looking for threats that somehow got past your defenses, is featured in our Cisco Cybersecurity Series, "Hunting for Hidden Threats: Incorporating Threat Hunting Into Your Security Program."

April 28, 2017

THREAT RESEARCH

Threat Round-up for Apr 21 – Apr 28

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between April 21 and April 28. As with previous round-ups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavior characteristics, indicators of compromise, and how our customers are automatically […]

October 19, 2016

SECURITY

Malicious Microsoft Office Documents Move Beyond InkPicture

In late August we began to detect malicious Microsoft Word documents that contained VisualBasic (VB) macro code and the code appeared to be triggering when the document was opened. However, the documents did not contain any of the standard events used to launch VB macro code when a document is opened, including Document_Open, or Auto_Open events. Upon […]

October 7, 2016

RETAIL AND HOSPITALITY

Top 5 Security Threats for Retailers in the Digital Age

As more information goes online, it is more vulnerable to certain types of threats. The challenge is to align networks, systems, and company cultures to support secure practices in this new arena.

January 6, 2016

RETAIL AND HOSPITALITY

We Hear You: Retail Security Should Be Simple and SAFE

Retailers are in the business to sell, not to be stolen from. And they don’t set up shop to buy security products from companies like Cisco. However, attackers who target retailers have discovered that it’s much more lucrative to shoplift virtually rather than physically. So even if you focus on security rather than selling, you […]

December 18, 2015

RETAIL AND HOSPITALITY

Security Steps to Take in the Holiday Season – and Beyond

Retail companies face a landscape filled with growing and increasingly complex threats. And the financial impact of these breaches is soaring. There are obvious financial incentives for attacking retailers because they typically don’t spend as much on security as financial institutions or government organizations, so they’ve become easy targets in recent years. According to Gartner, […]

January 28, 2015

THREAT RESEARCH

CVE-2015-0235: A GHOST in the Machine

This post was authored by Nick Biasini, Earl Carter, Alex Chiu and Jaeson Schultz On Tuesday January 27, 2015, security researchers from Qualys published information concerning a 0-day vulnerability in the GNU C library. The vulnerability, known as “GHOST” (a.k.a. CVE-2015-0235), is a buffer overflow in the __nss_hostname_digits_dots() function. As a proof-of-concept, Qualys has detailed a remote exploit for […]

September 22, 2014

THREAT RESEARCH

Threat Spotlight: “Kyle and Stan” Malvertising Network 9 Times Larger Than Expected

This post was authored by Armin Pelkmann. On September 8th, Cisco’s Talos Security Intelligence & Research Group unveiled the existence of the “Kyle and Stan” Malvertisement Network. The network was responsible for placing malicious advertisements on big websites like amazon.com, ads.yahoo.com, www.winrar.com, youtube.com and 70 other domains. As it turns out, this was just the tip of the iceberg. Ongoing research now reveals […]

September 8, 2014

THREAT RESEARCH

Threat Spotlight: “Kyle and Stan” Malvertising Network Threatens Windows and Mac Users With Mutating Malware

This post was authored by Shaun Hurley, David McDaniel and Armin Pelkmann. Update 2014-09-22: Updates on this threat can be found here Have you visited amazon.com, ads.yahoo.com, www.winrar.com, youtube.com, or any of the 74 domains listed below lately? If the answer is yes, then you may have been a victim to the “Kyle and Stan” […]