AMP
Threat Round-up for the Week of Mar 13 – Mar 17
Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed over the past week. As with previous round-ups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavior characteri…
Addressing Healthcare Security Challenges
It’s a gross understatement to say that security is critical in healthcare, where a breach can not only impact an organization’s effectiveness and reputation but also affect patient privacy and—worst-case scenario—health and safety. If you are reading this blog, you no doubt already know the most co…
Malware Round-up For The Week of Feb 27 – Mar 3
Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed over the past week. Unlike our other posts, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavior characteristic…
Serenity Now! A better way to malware analysis.
Over the last half decade the term sandboxing has become so pervasive, many customers I speak to have forgotten what it’s for! Sandboxing is a type of malware analysis – dynamic malware analysis to be exact. You execute a sample / file in a virtual environment and see what happens. There are numero…
Indicators of Compromise and where to find them
Indicators of Compromise (“IOC”) are used to suggest a system has been affected by some form of malware. An Indicator of Compromise can be anything from a file name to the behavior observed while malware is actively running on an infected system. Where do they look? Social media, news feeds, industry…
EPP? EDR? Cisco AMP for Endpoints is Next Generation Endpoint Security
You may be wondering why Cisco AMP for Endpoints was not included in Gartner’s 2017 Magic Quadrant for Endpoint Protection Platforms (EPP). Traditionally, Gartner placed Cisco AMP for Endpoints within their Endpoint Detection and Response (EDR) category of endpoint security tools. But as buyer needs…
Cisco Coverage for Shamoon 2
Shamoon is a type of destructive malware that has been previously associated with attacks against the Saudi Arabian energy sector we’ve been tracking since 2012. We’ve observed that a variant of Shamoon, identified as Shamoon 2, has recently been used against several compromised organiza…
Effective Endpoint Security – More than Meets the Eye
One of your sales people, Susan, is on the road putting some finishing touches on a presentation before a big meeting. Using the hotel Wi-Fi she does a quick search to see if there’s any relevant company or industry news she needs to know about before meeting with the client. She clicks on several w…
To be Effective, Security Needs to Be a Force Multiplier
Effective security is simple, open, and automated. We’ve already talked about simple and open. Now let’s talk about automated. Security admins can relate to this scenario. You just learned of an infected system in your environment of thousands of devices. How many others are affected? That’s hard t…