Research Spotlight: The Resurgence of Qbot
By Talos Group The post was authored by Ben Baker. Qbot, AKA Qakbot, has been around for since at least 2008, but it recently experienced a large surge in development and deployments. Qbot is being Qbot primarily targets sensitive information like banking credentials. Here we are unveiling recent changes to the malware that haven’t been […]
The Evolution of Scoring Security Vulnerabilities
By Omar Santos The Common Vulnerability Scoring System (CVSS), which is used by many in the industry as a standard way to assess and score security vulnerabilities, is evolving to a new version known as CVSSv3. These changes addressed some of the challenges that existed in CVSSv2; CVSSv3 analyzes the scope of a vulnerability and […]
The Evolution of Scoring Security Vulnerabilities
By Omar Santos The Common Vulnerability Scoring System (CVSS), which is used by many in the industry as a standard way to assess and score security vulnerabilities, is evolving to a new version known as CVSSv3. These changes addressed some of the challenges that existed in CVSSv2; CVSSv3 analyzes the scope of a vulnerability and […]
SCADA Security-Report 2016
SCADA Security-Report 2016 Komponenten zur Industriesteuerung sind immer häufiger Angriffsziele von Cyber-Attacken. Oftmals schlecht oder gar nicht gesichert, weil bei der Einführung noch niemand an derlei Angriffe gedacht hat, sind Steuerungsanlagen einfache Angriffsziele, die mit wenig Aufwand maximalen Schaden verspricht. Lesen Sie hier den (englisch-sprachigen) Blog-Beitrag der Sicherheitsforscher unseres Technologiepartners Fortinet. Doch auch hierzulande wird […]
The “Wizzards” of Adware
By Talos Group Talos posted a blog, September 2015, which aimed to identify how often seemingly benign software can be rightly condemned for being a piece of malware. With this in mind, this blog presents an interesting piece of “software” which we felt deserved additional information disclosure. This software exhibits several questionable behaviors including: Attempts […]
The “Wizzards” of Adware
By Talos Group Talos posted a blog, September 2015, which aimed to identify how often seemingly benign software can be rightly condemned for being a piece of malware. With this in mind, this blog presents an interesting piece of “software” which we felt deserved additional information disclosure. This software exhibits several questionable behaviors including: Attempts […]
Vulnerability Spotlight: Further NTPD Vulnerabilities
By Talos Group As a member of the Linux Foundation Core Infrastructure Initiative, Cisco is contributing to the CII effort by evaluating the Network Time Protocol daemon (ntpd) for security defects. We previously identified a series of vulnerabilities in the Network Time Protocol daemon; through our continued research we have identified further vulnerabilities in the […]