By Kevin Floyd What is Email Spoofing? Email spoofing is the creation of email messages with a forged sender address for the purpose of fooling the recipient into providing money or sensitive information. For example: a sender 401k_Services@yourcompany.com sends a message to your business email address stating that you have one day to log into your account to take […]
Source:: Cisco Security Notice
By Talos Group This post is authored by Tazz. EXECUTIVE SUMMARY At the end of February, one of the researchers on the team received a solicitation email from a domain reseller, which she reviewed the first week of March. The email was from Namecheap offering deeply discounted domains for .88 cents. The timing of the email couldn’t […]
Source:: Cisco Security Notice
By Talos Group This post is authored by Tazz. EXECUTIVE SUMMARY At the end of February, one of the researchers on the team received a solicitation email from a domain reseller, which she reviewed the first week of March. The email was from Namecheap offering deeply discounted domains for .88 cents. The timing of the email couldn’t […]
Source:: Cisco Security Notice
By Talos Group Talos is disclosing the discovery of vulnerability TALOS-2016-0095 / CVE-2016-2347 in the Lhasa LZH/LHA decompression tool and library. This vulnerability is due to an integer underflow condition. The software verifies that header values are not too large, but does not check for a too small header length. Decompressing a LHA or LZH file containing an […]
Source:: Cisco Security Notice
By Talos Group Talos is disclosing the discovery of vulnerability TALOS-2016-0095 / CVE-2016-2347 in the Lhasa LZH/LHA decompression tool and library. This vulnerability is due to an integer underflow condition. The software verifies that header values are not too large, but does not check for a too small header length. Decompressing a LHA or LZH file containing an […]
Source:: Cisco Security Notice
By Joe Malenfant Most malware analysis technologies, like sandboxes, put some sort of hook or software inside their analysis environment in order to observe what is actually happening. This could be a specific DLL file, or a debugger. The problem with this approach is that malware authors are aware of it, they look for it, and they build […]
Source:: Cisco Security Notice
By Joe Malenfant Most malware analysis technologies, like sandboxes, put some sort of hook or software inside their analysis environment in order to observe what is actually happening. This could be a specific DLL file, or a debugger. The problem with this approach is that malware authors are aware of it, they look for it, and they build […]
Source:: Cisco Security Notice
By John Dominguez At RSA this year and last, Marty Roesch, VP and Chief Architect for Cisco’s Security Business Group, talked about the need of an integrated threat defense to drive systemic response. The idea is to correlate and analyze data and telemetry from the multiple security technologies that organizations have deployed across different control points. And then […]
Source:: Cisco Security Notice
By John Dominguez At RSA this year and last, Marty Roesch, VP and Chief Architect for Cisco’s Security Business Group, talked about the need of an integrated threat defense to drive systemic response. The idea is to correlate and analyze data and telemetry from the multiple security technologies that organizations have deployed across different control points. And then […]
Source:: Cisco Security Notice
By Michelle Dennedy Data protection and privacy are red-hot topics right now, as they should be. We are facing a watershed moment that could determine government and organizational policy for years to come. Weighing personal privacy against national security, for instance, is not as cut-and-dry as it may first appear. In our data-centric world, organizations are hungry for […]
Source:: Cisco Security Notice
