Archiv für die Kategorie: Cisco Security Notice

By John Stewart Our just-released 2016 Cisco Annual Security Report (ASR) presents a challenging cybersecurity landscape: cyber defense teams are fighting to keep up with rapid global digitization while trying to integrate dozens of vendor solutions, speed up detection, and educate their organizations from top to bottom. Meanwhile attackers grow more bold, flexible, and resilient by the day, setting up professional infrastructures that look a lot like what we’d find in legitimate businesses. On the global front, we see fluctuations in cyber Internet governance across regions, which […]

Source:: Cisco Security Notice

By Talos Group This post was authored by Mariano Graziano . Malware sandboxes are automated dynamic analysis systems that execute programs in a controlled environment. Within the large volumes of samples submitted daily to these services, some submissions appear to be different from others and show interesting characteristics. At USENIX Security 2015 I presented a paper in which we proposed a method to automatically discover malware developments from samples submitted to online dynamic analysis systems. The research was conducted by dissecting the Anubis sandbox dataset which consisted of over 30M […]

Source:: Cisco Security Notice

By Talos Group The first Patch Tuesday of 2016 has arrived. Today, Microsoft has released their monthly set of security bulletins designed to address security vulnerabilities within their products. This month’s release is relatively light with nine bulletins addressing 25 vulnerabilities. Six bulletins are rated critical and address vulnerabilities in Edge, Internet Explorer, JScript/VBScript, Office, Silverlight, and Windows. The remaining three bulletins are rated important and address vulnerabilities in Exchange and several parts of Windows. Bulletins Rated Critical Microsoft bulletins MS16-001 through MS16-0006 […]

Source:: Cisco Security Notice

By Talos Group This Post was Authored by Nick Biasini , with contributions by Joel Esler Exploit Kits are one of the biggest threats that affects users, both inside and outside the enterprise, as it indiscriminately compromises simply by visiting a web site, delivering a malicious payload. One of the challenges with exploit kits is at any given time there are numerous kits active on the Internet. RIG is one of these exploit kits that is always around delivering malicious payloads to unsuspecting users. RIG first appeared […]

Source:: Cisco Security Notice

By Sam Rastogi George Tupy’s recent blog described how the growth of cloud and over the top (OTT) video presents a massive market opportunity for service providers to deliver video content anytime, anywhere, and on any screen. He also discussed how open IP networks and cloud-based delivery methods introduce new security vulnerabilities. To add fuel to the fire, content and customer data is often stored together inside the video headend and data centers making it more easily accessed by attackers. They can disrupt operations […]

Source:: Cisco Security Notice