Security Beyond the Sandbox

/in /von

By Joe Malenfant A few years ago sandboxing technology really came of age in the security industry. The ability to emulate an environment, detonate a file without risk of infection, and analyze its behavior became quite a handy research tool. Since then, sandboxes have become relatively popular (not nearly on the same scale as anti-virus or firewalls) and can be found in larger organizations. You may even have purchased a sandbox a few years ago, but it’s likely that your malware analysis needs []

Source:: Cisco Security Notice

Vulnerability Spotlight: Microsoft Windows CDD Font Parsing Kernel Memory Corruption

/in /von

By Talos Group Discovered by Andrea Allievi and Piotr Bania of Cisco Talos. Talos, in conjunction with Microsoft’s security advisory issued on September 8th, is disclosing the discovery of a memory corruption vulnerability within the Microsoft Windows CDD Font Parsing Kernel Driver. This vulnerability was initially discovered by the Talos and reported in accordance with responsible disclosure policies to Microsoft. Please see Talos’s Microsoft Tuesday Blog for coverage information for this vulnerability. Details A specially crafted font file can cause the Microsoft Windows CDD Font Parsing Kernel driver to []

Source:: Cisco Security Notice

Vulnerability Spotlight: Microsoft Windows CDD Font Parsing Kernel Memory Corruption

/in /von

By Talos Group Discovered by Andrea Allievi and Piotr Bania of Cisco Talos. Talos, in conjunction with Microsoft’s security advisory issued on September 8th, is disclosing the discovery of a memory corruption vulnerability within the Microsoft Windows CDD Font Parsing Kernel Driver. This vulnerability was initially discovered by the Talos and reported in accordance with responsible disclosure policies to Microsoft. Please see Talos’s Microsoft Tuesday Blog for coverage information for this vulnerability. Details A specially crafted font file can cause the Microsoft Windows CDD Font Parsing Kernel driver to []

Source:: Cisco Security Notice

Microsoft Patch Tuesday – September 2015

/in /von

By Talos Group Today, Microsoft has released their monthly set of security bulletins designed to address security vulnerabilities within their products. This month’s release sees a total of 12 bulletins released which address 55 CVEs. Five bulletins are rated “Critical” this month and address vulnerabilities in Edge, Graphics Component, Internet Explorer, Journal, and Office. The other seven bulletins are rated “Important” and address vulnerabilities in the .NET Framework, Active Directory, Exchange, Hyper-V, Media Center, Skype for Business, and Task Management. Bulletins Rated Critical []

Source:: Cisco Security Notice

Microsoft Patch Tuesday – September 2015

/in /von

By Talos Group Today, Microsoft has released their monthly set of security bulletins designed to address security vulnerabilities within their products. This month’s release sees a total of 12 bulletins released which address 55 CVEs. Five bulletins are rated “Critical” this month and address vulnerabilities in Edge, Graphics Component, Internet Explorer, Journal, and Office. The other seven bulletins are rated “Important” and address vulnerabilities in the .NET Framework, Active Directory, Exchange, Hyper-V, Media Center, Skype for Business, and Task Management. Bulletins Rated Critical []

Source:: Cisco Security Notice

Fortinet Unveils Industry-Leading Security Framework and Partner Ecosystem Designed to Protect Cloud and SDN Data Center Environments

/in /von

Fortinet Unveils Industry-Leading Security Framework and Partner Ecosystem Designed to Protect Cloud and SDN Data Center Environments

Source:: Fortinet

Fortinet Unveils Industry-Leading Security Framework and Partner Ecosystem Designed to Protect Cloud and SDN Data Center Environments

/in /von

Fortinet Unveils Industry-Leading Security Framework and Partner Ecosystem Designed to Protect Cloud and SDN Data Center Environments

Source:: Fortinet

Research Spotlight: Learning Detectors of Malicious Network Traffic

/in /von

By Talos Group This post was authored by Karel Bartos , Vojtech Franc , & Michal Sofka . Malware is constantly evolving and changing. One way to identify malware is by analyzing the communication that the malware performs on the network. Using machine learning, these traffic patterns can be utilized to identify malicious software. Machine learning faces two obstacles: obtaining a sufficient training set of malicious and normal traffic and retraining the system as malware evolves. This post will analyze an approach that overcomes these obstacles by developing a []

Source:: Cisco Security Notice

Research Spotlight: Learning Detectors of Malicious Network Traffic

/in /von

By Talos Group This post was authored by Karel Bartos , Vojtech Franc , & Michal Sofka . Malware is constantly evolving and changing. One way to identify malware is by analyzing the communication that the malware performs on the network. Using machine learning, these traffic patterns can be utilized to identify malicious software. Machine learning faces two obstacles: obtaining a sufficient training set of malicious and normal traffic and retraining the system as malware evolves. This post will analyze an approach that overcomes these obstacles by developing a []

Source:: Cisco Security Notice

As Security Incidents Rise at Education Facilities Nationwide, Multiple K-12 Institutions Choose Fortinet to Protect Against Cyber Attacks

/in /von

As Security Incidents Rise at Education Facilities Nationwide, Multiple K-12 Institutions Choose Fortinet to Protect Against Cyber Attacks

Source:: Fortinet