Articles
Threat Spotlight: PoSeidon, A Deep Dive Into Point of Sale Malware
This post was authored by Andrea Allievi, Ben Baker, Nick Biasini, JJ Cummings, Douglas Goddard, William Largent, Angel Villegas, and Alain Zidouemba Cisco’s Security Solutions (CSS) consists of information security experts with a unique blend of law enforcement, enterprise security and t…
Research Spotlight: Exploiting Use-After-Free Vulnerabilities
This blog post was authored by Earl Carter & Yves Younan. Talos is constantly researching the ways in which threat actors take advantage of security weaknesses to exploit systems. Yves Younan of Talos will be presenting at CanSecWest on Friday March 20th. The topic of his talk will be FreeSentry…
Talos Discovery Spotlight: Hundreds of Thousands of Google Apps Domains’ Private WHOIS Information Disclosed
This post was authored by Nick Biasini, Alex Chiu, Jaeson Schultz, and Craig Williams. Special thanks to William McVey for his contributions to this post. Table of Contents Overview WHOIS Privacy Protection Why Does This Exist The Issue Implications for the Good/Bad Guys Current State and Mitigatio…
Microsoft Patch Tuesday for March 2015: 14 Bulletins Released; FREAK Patched
Today, Microsoft has released their monthly set of security bulletins designed to address security vulnerabilities within their products. This month’s release sees a total of 14 bulletins being released which address 45 CVEs. The first 5 bulletins are rated critical and address vulnerabilities wit…
Threat Spotlight: Angler Lurking in the Domain Shadows
This post was authored by Nick Biasini and edited by Joel Esler Overview Over the last several months Talos researchers have been monitoring a massive exploit kit campaign that is utilizing hijacked registrant accounts to create large amounts of subdomains for both initial redirection and exploitati…
Talos is Hiring
If you’re an experienced malware reverse engineer, exploit developer, response specialist, intel analyst, or looking to start your career in security, Talos might be the place for you. We have a number of positions open in Columbia, Maryland; Austin, Texas; San Jose, California; and San Francisco,…
Malicious PNGs: What You See Is Not All You Get!
This post was authored by Earl Carter and Nick Randolph. Threat actors are continually evolving their techniques. One of the latest Graftor variants is delivering a Malware DLL via a PNG file delivery mechanism. Graftor basically indicates some type of trojan hiding in a piece of software. Hiding ex…
Tax Time: Let the Phishing Begin
This post was authored by Earl Carter and Craig Williams. With the April 15th US tax deadline only about 2 months away, a new wave of tax related phishing is underway. In this latest spear-phishing campaign, attackers are attempting to gain access to your system so that they can steal your banking a…
Equation Coverage
Cisco Talos is aware of the public discourse surrounding the malware family dubbed “The Equation Family”. As of February 17th the following rules (33543 – 33546 MALWARE-CNC Win.Trojan.Equation) were released to detect the Equation Family traffic. These rules may be found in the Cisco FireSIGHT…
17