Cognitive Threat Analytics: Turn Your Proxy Into Security Device

By Veronica Valeros

This post was authored by Veronica Valeros, Petr Somol, Martin Rehak and Martin Grill, on behalf of the whole CTA team. Some of us still intuitively believe that our extensively safeguarded corporate networks are safe from the risks we are exposed to when connecting directly to public Internet. Yet, evidence suggests that most companies now […]

Source:: Cisco Security Notice

Protecting against the latest variant of H1N1

By Emmett Koen

This is the third and final installment in our technical analysis of the H1N1 loader. In case you missed it, my colleague Josh Reynolds peeled apart the latest variant of H1N1 and analyzed its obfuscation tactics and techniques in the first blog, and in the second blog provides deep technical analysis of its execution. While […]

Source:: Cisco Security Notice

H1N1: Technical analysis reveals new capabilities – part 2

By Josh Reynolds

This is the second blog in a 3 part series that provides an in-depth technical analysis on the H1N1 malware. You can read the first entry here where I covered the evolution of H1N1, its infection vector and obfuscation techniques. This blog will provide an overview of its execution.

H1N1 Execution

Execution flow is broken down […]

Source:: Cisco Security Notice

Why Cisco Is an Essential Partner in Cyber Ops: PART 2

By Tom Gilheany

Once an organization has deployed technology infrastructure that enables visibility into the network (discussed in the first part of this blog), that organization now requires the properly trained security personnel to bring that time to detection (TTD) down to acceptable levels and to respond appropriately to a security breach. Once detected, a breach must be […]

Source:: Cisco Security Notice

Microsoft Patch Tuesday – September 2016

By Talos Group

This post was authored by Jaeson Schultz. Well it’s Microsoft Patch Tuesday, again, and that must mean we are girding our systems against another round of security vulnerabilities. This month Microsoft has released fourteen (14) bulletins covering fifty (50) security vulnerabilities. There are seven bulletins in the set whose severity is considered “Critical”. These “Critical” […]

Source:: Cisco Security Notice

H1N1: Technical analysis reveals new capabilities

By Josh Reynolds

This blog is the first in a 3 part series that will provide an in-depth technical analysis on the H1N1 malware. I’ll be looking at how H1N1 has evolved, its obfuscation, analyzing its execution including new information stealing and user account control bypass capabilities, and finally exploring how we are both using and influencing security tools […]

Source:: Cisco Security Notice