Open Document format creates twist in maldoc landscape

By Talos Group

By Warren Mercer and Paul Rascagneres. Introduction: Cisco Talos recently observed attackers changing the file formats they use in an attempt to thwart common antivirus engines. This can happen across other file formats, but today, we are showing a change of approach for an actor who has deemed antivirus engines perhaps “too […]

Threat Roundup for September 20 to September 27

By Talos Group

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between Sep. 20 and Sep. 27. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how […]

How to post a successful Mantis Request

Source: Innovaphone

Cisco Security Supporting NATO’s Largest Cybersecurity Conference

By James McNab

NIAS is NATO’s largest cyber security conference and provides an opportunity for NATO and government leaders, defence and cybersecurity specialists to discuss needs and priorities and effective cyber security solutions. NATO’s mission is to protect the freedom of its members. It has innovated and adapted itself to ensure its policies, capabilities and […]

Divergent: “Fileless” NodeJS Malware Burrows Deep Within the Host

By Talos Group

Executive summary: Cisco Talos recently discovered a new malware loader being used to deliver and infect systems with a previously undocumented malware payload called “Divergent.” We first dove into this malware after we saw compelling data from Cisco Advanced Malware Protection’s (AMP) Exploit Prevention. This threat uses NodeJS — a program that […]

DevSecOps: Blending Critical Operations and Cultures to Increase Data Security

By Steve Martino

Two major shifts are affecting organizational cybersecurity posture: digital product and service offerings are increasingly powered by mobile, cloud and data analytics; while developers of those products and services are migrating to Development Operations (DevOps) processes for greater agility and scale. Because both of these trends have security implications, CISOs are innovating […]

The Criticality of the Network in Securing IoT and Critical Infrastructure

By Simon Finn

Security is the key to the success of any digital project, whether you are connecting critical infrastructure, industrial Internet of Things (IoT), or delivering data and telemetry to reduce costs and increase revenue. We have long advocated the need for a holistic approach to IoT security, and with it, shared the vital […]