With Cisco Threat Response, The Best Things in Threat Hunting are Free

By Scott Bower

For those of us in security operations, it could be easy to feel discouraged. After all, it’s an unfair fight. The bad actors seem to have unlimited time and budget. And we certainly don’t! But here’s some good news: one of the most valuable tools available in threat hunting is free. Just […]

RSA Conference 2019 Security Operations Center Findings Report Released

By Jessica Bair

RSA and Cisco released the first ever Findings Report from the RSA Conference 2019 Security Operations Center (SOC). The RSA® Conference SOC analyzes the Moscone Center wireless traffic, which is an open network during the week of the Conference. The SOC began collecting traffic on Monday, March 4, 2019 and through 4:00PM […]

Let’s Destroy Democracy

By Talos Group

Election security through an adversary’s eyes

This post was authored by Matt Olney.

Executive summary

Over the past few years, Cisco Talos has increasingly been involved in election security research and support, most recently supporting the Security Service of Ukraine in their efforts to secure the two Ukrainian presidential elections in April. […]

Threat Roundup for July 12 to July 19

By Talos Group

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between July 12 and July 19. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how […]

Is Network Security Complexity Holding You Back?

By Brian Remmel

At its most fundamental level, the objective of network security is a simple one. Organizations need to protect their people, assets, and the data that travels across and resides within their networks. They do this by setting security policies that detail parameters like who or what is allowed to access which resources. […]

SWEED: Exposing years of Agent Tesla campaigns

By Talos Group

By Edmund Brumaghin and other Cisco Talos researchers.

Executive summary

Cisco Talos recently identified a large number of ongoing malware distribution campaigns linked to a threat actor we’re calling “SWEED,” including such notable malware as Formbook, Lokibot and Agent Tesla. Based on our research, SWEED — which has been operating since at […]

Threat Roundup for July 5 to July 12

By Talos Group

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between July 5 and July 12. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how […]