Einträge von Technik Support

Threat Roundup for August 30 to September 6

By Talos Group Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between Aug. 30 and Sep. 6. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how […]

GhIDA: Ghidra decompiler for IDA Pro

By Talos Group Cisco Talos is releasing two new tools for IDA Pro: GhIDA and Ghidraaas. GhIDA is an IDA Pro plugin that integrates the Ghidra decompiler in the IDA workflow, giving users the ability to rename and highlight symbols and improved navigation and comments. GhIDA assists the reverse-engineering process by decompiling x86 and x64 […]

The latest on BlueKeep and DejaBlue vulnerabilities — Using Firepower to defend against encrypted DejaBlue

By Talos Group Over the past few months, Microsoft has released several security updates for critical Remote Desktop Protocol (RDP)-related security bugs. These bugs are significant for IT infrastructure because they are classified as “wormable,” meaning future malware that exploits them could spread from system to system without requiring explicit user interaction. These vulnerabilities could […]

New Forensic Investigation Procedures for First Responder Guides

By Todd Reid Cisco is pleased to announce a new series of Forensic Investigation Procedures for First Responders guides that will help customers and partners triage Cisco products that are suspected of being tampered with or compromised. These guides provide step-by-step instructions for collecting information that first responders can use for forensic analysis for several […]

Threat Roundup for August 23 to August 30

By Talos Group Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between Aug. 23 and Aug. 30. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how […]

Boosting Trust with Industry-Leading APEC PRP Certification

By Harvey Jang Cisco is now certified under the new Asia-Pacific Economic Cooperation (APEC) Privacy Recognition for Processors (PRP) System. Cisco has been an active supporter of the APEC Cross Border Privacy Rules system (CBPRs) and an advocate for safe and secure global data flows. We are an early adopter and the eighth company to […]

Insights Regarding the Cisco REST API Container for IOS XE Software Authentication Bypass Vulnerability

By Cisco PSIRT This blog post was authored by Eugenio Iavarone, Cisco PSIRT. On August 28th, 2019, Cisco published a Security Advisory titled “Cisco REST API Container for Cisco IOS XE Software Authentication Bypass Vulnerability”, disclosing an internally found vulnerability which affects the Cisco REST API container for Cisco IOS XE. An exploit could be […]

RAT Ratatouille – Backdooring PCs with leaked RATs

By Talos Group Orcus RAT and RevengeRAT are two of the most popular remote access trojans (RATs) in use across the threat landscape. Since its emergence in 2016, various adversaries used RevengeRAT to attack organizations and individuals around the world. The source code associated with RevengeRAT was previously released to the public, allowing attackers to […]