By Talos Group Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between July 19 and July 26. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how […]
By Ben Nahorney You’ve probably heard the stories by now: one of the fundamental technologies that keeps the internet working has recently become a regular target for attackers. Earlier this month, the UK’s National Cyber Security Centre released an advisory warning of DNS hijacking attacks across multiple regions and sectors. (This was their second such […]
By Scott Bower For those of us in security operations, it could be easy to feel discouraged. After all, it’s an unfair fight. The bad actors seem to have unlimited time and budget. And we certainly don’t! But here’s some good news: one of the most valuable tools available in threat hunting is free. Just […]
By Jessica Bair RSA and Cisco released the first ever Findings Report from the RSA Conference 2019 Security Operations Center (SOC). The RSA® Conference SOC analyzes the Moscone Center wireless traffic, which is an open network during the week of the Conference. The SOC began collecting traffic on Monday, March 4, 2019 and through 4:00PM […]
By Talos Group Election security through an adversary’s eyes This post was authored by Matt Olney. Executive summary Over the past few years, Cisco Talos has increasingly been involved in election security research and support, most recently supporting the Security Service of Ukraine in their efforts to secure the two Ukrainian presidential elections in April. […]
By Talos Group Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between July 12 and July 19. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how […]
By Brian Remmel At its most fundamental level, the objective of network security is a simple one. Organizations need to protect their people, assets, and the data that travels across and resides within their networks. They do this by setting security policies that detail parameters like who or what is allowed to access which resources. […]
By Talos Group By Edmund Brumaghin and other Cisco Talos researchers. Executive summary Cisco Talos recently identified a large number of ongoing malware distribution campaigns linked to a threat actor we’re calling “SWEED,” including such notable malware as Formbook, Lokibot and Agent Tesla. Based on our research, SWEED — which has been operating since at […]
By Talos Group Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between July 5 and July 12. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how […]
By Ben Greenbaum One of the best tools in your SOC’s arsenal is something you might already have access to and didn’t even have to pay for. If you already deploy Cisco Umbrella, AMP for Endpoints, Firepower devices, next-generation intrusion prevention system (NGIPS), Email Security, or Threat Grid, then you can immediately access Cisco Threat […]
