By Jeff Reed According to research from the Enterprise Strategy Group, 87% of organizations use Network Traffic Analysis (NTA) tools for threat detection and response today, and 43% say that NTA is a “first line of defense” in case of an attack. The increasing IT complexity is one of the main factors in the adoption […]
By Ben Munroe You can tell it’s raining by sticking your head out the door; but what’s the likelihood of it stopping in the next hour? What’s the temperature and relative humidity? Suddenly the need for analytics is apparent. Without it, the chance of getting soaked on any given day would dramatically increase. Analytics makes […]
By Robert Waitman As we embark on a new decade, data privacy has become top-of-mind for business executives and consumers worldwide. Data breaches frequently expose the personal data of millions, and many companies have not done enough to protect themselves from intentional or unintentional misuse. While it is often hard to reach agreement on new […]
By Talos Group Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between Jan 17 and Jan 24. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how […]
By Talos Group News Summary There is another large-scale cryptomining attack from an actor we are tracking as “Vivin” that has been active since at least November 2017. “Vivin” has consistently evolved over the past few years, despite having poor operational security and exposing key details of their campaign. By Andrew Windsor. Talos has identified […]
By Talos Group Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between Jan 10 and Jan 17. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how […]
By Megha Mehta As businesses continue to move towards a more digital future, the threats they face continue to become more complex. As many organizations continue to embrace the benefits of cloud, IoT, and an increasingly mobile workforce, threat actors are taking advantage of these attack vectors to work their way into your business. Cisco […]
By Talos Group Today, Cisco Talos is unveiling the details of a new RAT we have identified we’re calling “JhoneRAT.” This new RAT is dropped to the victims via malicious Microsoft Office documents. The dropper, along with the Python RAT, attempts to gather information on the victim’s machine and then uses multiple cloud services: Google […]
By Jeff Bollinger Cisco’s Computer Security Incident Response Team (CSIRT) detected a large and ongoing malspam campaign leveraging the .IMG file extension to bypass automated malware analysis tools and infect machines with a variety of Remote Access Trojans. During our investigation, we observed multiple tactics, techniques, and procedures (TTPs) that defenders can monitor for in […]
By Talos Group By Edmund Brumaghin, with contributions from Dalton Schaadt. Executive Summary Recently, the details of a critical vulnerability affecting Citrix Application Delivery Controller and Citrix Gateway servers were publicly disclosed. This vulnerability is currently being tracked using CVE-2019-19781. A public patch has not yet been released, however, Citrix has released recommendations for steps […]
