Insights Regarding the Cisco REST API Container for IOS XE Software Authentication Bypass Vulnerability
By Cisco PSIRT. This blog post was authored by Eugenio Iavarone, Cisco PSIRT. On August 28th, 2019, Cisco published a Security Advisory titled “Cisco REST API Container for Cisco IOS XE Software Authentication Bypass Vulnerability”, disclosing an internally found vulnerability which affects the Cisco REST API container for Cisco IOS XE. An exploit could be […]
RAT Ratatouille – Backdooring PCs with leaked RATs
By Talos Group. Orcus RAT and RevengeRAT are two of the most popular remote access trojans (RATs) in use across the threat landscape. Since its emergence in 2016, various adversaries used RevengeRAT to attack organizations and individuals around the world. The source code associated with RevengeRAT was previously released to the public, allowing attackers to […]
Black Hat USA 2019 Network Operations Center
By Jessica Bair. Cisco Security is honored to be a supporting partner for the Black Hat USA 2019 Network Operations Center (NOC) for the third year; joining conference producer Informa Tech (formerly UBM) and its other security partners: RSA Security, Palo Alto Networks, Ruckus, CenturyLink and Gigamon. Cisco provided DNS visibility and architecture intelligence with […]
China Chopper still active 9 years later
By Talos Group. By Paul Rascagneres and Vanja Svajcer. Threats will commonly fade away over time as they’re discovered, reported on, and detected. But China Chopper has found a way to stay relevant, active and effective nine years after its initial discovery. China Chopper is a web shell that allows attackers to retain access to […]
Findings from Gartner’s Market Guide for Email Security 2019
By Gabrielle Bridgers. Gartner’s Market Guide for Email Security 2019 reaffirms that an increasing number of organizations are migrating their email platforms to the cloud. According to Gartner, “by 2021, Gartner expects 70% of public and private companies to be using cloud email services.”1 But, that access to email from anywhere and on any device […]
Threat Roundup for August 16 to August 23
By Talos Group. Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between Aug. 16 and Aug. 23. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how […]