Avatar

Ross Gibb

Reverse Engineer, AMP Threat Grid

Engineering

Ross Gibb is a member of the Research & Efficacy Team at Cisco Systems that assists in increasing the efficacy of the AMP for Endpoints and AMP Threat Grid product lines through a number of development efforts.

Ross previously held positions at Symantec and IBM doing malware research and other security related duties.

Articles

April 5, 2018

SECURITY

IcedID Banking Trojan Teams up with Ursnif/Dreambot for Distribution

Update: 4/11 we have corrected the detection to Ursnif/Dreambot This post was authored by Ross Gibb with research contributions from Daphne Galme, and Michael Gorelik of Morphisec, a Cisco Security Technical Alliance partner. Cisco has noticed an increase in infections by the banking trojan IcedID t…

October 19, 2016

SECURITY

Malicious Microsoft Office Documents Move Beyond InkPicture

In late August we began to detect malicious Microsoft Word documents that contained VisualBasic (VB) macro code and the code appeared to be triggering when the document was opened. However, the documents did not contain any of the standard events used to launch VB macro code when a document is opene…