New Research Paper: Prevalence and Impact of Low-Entropy Packing Schemes in the Malware Ecosystem
By Talos Group
Detection of malware is a constant battle between the technologies designed to detect and prevent malware and the authors creating them. One common technique adversaries leverage is packing binaries. Packing an executable is similar to applying compression or encryption and can inhibit the ability of some technologies to detect the packed malware. […]
Explorations in the spam folder
By Ben Nahorney
Everyone has a spam folder. It’s often disregarded as a dark, bottomless pit for fake emails from FedEx, pharmacy offers, and introductory emails from women far too amorous to be anything but fantastical. You’d be right to largely ignore this folder. Yet each day new emails end up in it. Most of […]
A 20/20 Vision for Cybersecurity
By Steve Martino
As a CISO, where do you see your organization going this year? Perhaps some 20/20 vision could help? If you can forgive the pun, I’m delighted to announce Cisco’s 2020 CISO Benchmark Report. This year we have combined our current standing in the Gregorian calendar with the notion of perfect eyesight. The […]
Introducing SecureX
By Jeff Reed
Making Security an Enabler, so Your Business Can Take an Exponential Leap
I joined the Cisco Security team the week after the RSA Conference in 2017. At that time there was a lot of discussion around the journey Cisco Security was on, particularly around our efforts to deliver an integrated architecture. For […]
The Future of Cisco Security: Protecting What’s Now and What’s Next
By Dr. Gee Rittenhouse
When we look at the world today, it has been revolutionized by the cloud, and it has disrupted the way business is done. Companies can now connect any user on any device to any network or application. But from a security perspective this has greatly expanded the attack surface. This represents […]
Threat Roundup for February 14 to February 21
By Talos Group
Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between Feb 14 and Feb 21. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how […]
ObliqueRAT: New RAT hits victims’ endpoints via malicious documents
By Talos Group
By Asheer Malhotra. Cisco Talos has observed a malware campaign that utilizes malicious Microsoft Office documents (maldocs) to spread a remote access trojan (RAT) we’re calling “ObliqueRAT.” These maldocs use malicious macros to deliver the second stage RAT payload. This campaign appears to target organizations in Southeast Asia. Network based detection, although […]