Disassembler and Runtime Analysis
By Talos Group. This post was authored by Paul Rascagneres. Introduction: In the CCleaner 64bit stage 2 previously described in our blog, we explained that the attacker modified a legitimate executable that is part of “Symantec Endpoint”. This file is named EFACli64.dll. The modification is performed in the runtime code included by the compiler, more […]
FUJITSU Promotional Models October 2017
In autumn, many IT managers are planning how to use their last remaining budget items, and budget planning for the coming year is also beginning. We are happy to offer suggestions for how to use them. Whether with the promotional models from our partner FUJITSU for October (click here for servers and storage, click here for desktop systems and click here for mobile devices), or […]
Spoofed SEC Emails Distribute Evolved DNSMessenger
By Talos Group. This post was authored by Edmund Brumaghin, Colin Grady, with contributions from Dave Maynor and @Simpo13. Executive Summary: Cisco Talos previously published research into a targeted attack that leveraged an interesting infection process using DNS TXT records to create a bidirectional command and control (C2) channel. Using this channel, the attackers were […]
Security in Your DNA: Tips for Securing Your Network
By Aunudrei Oliver. Cisco Stealthwatch and Identity Services Engine (ISE) are key components required to transform your network into a sensor capable of enforcing your security policies. But how do you incorporate automation on your network to full advantage? How do you validate that the existing policy aligns with the company’s overall security posture? And […]