Cisco Cognitive Threat Analytics
Piecing Together Malicious Behavior in Encrypted Traffic
This post was authored by Jan Kohout, Veronica Valeros and Petr Somol. Increasing adoption of encryption in web communication significantly contributes to protection of users’ privacy. However, it also brings tough challenges for intrusion detection systems that need to analyze the traffic wit…
Cognitive Threat Analytics: Turn Your Proxy Into Security Device
This post was authored by Veronica Valeros, Petr Somol, Martin Rehak and Martin Grill, on behalf of the whole CTA team. Some of us still intuitively believe that our extensively safeguarded corporate networks are safe from the risks we are exposed to when connecting directly to public Internet. Yet,…
Introducing executive dashboards in CTA
No security risk assessment is complete without the executive summary section. Something that can answer the high level questions security teams get asked including “how secure are we?”, “what threats are affecting our network today?” and “how healthy is our network?” We have recently revamped the C…
AMP for Endpoints + Cognitive Threat Analytics = More Visibility than Ever Before
No matter how many security tools you deploy to defend your organization, malware is going to get in. You need to see it if you want any chance of stopping it. Cisco AMP for Endpoints provides deep visibility into the activity of files on your system so that you can spot malicious behavior quickly a…
DNSChanger Outbreak Linked to Adware Install Base
[Ed. note: This post was authored by Veronica Valeros, Ross Gibb, Eric Hulse, and Martin Rehak] Late last autumn, the detector described in one of our previous posts, Cognitive Research: Learning Detectors of Malicious Network Traffic, started to pick up a handful of infected hosts exhibiting a new…
Find Advanced Threats with Cisco Cognitive Threat Analytics
Attackers are constantly innovating, employing more sophisticated techniques to compromise organizations and gain access to other parts of the network and sensitive data including proprietary information, trade secrets, and of course financial information. Threats have evolved to the point that it…
Malware stealing gigabytes of your data as seen by Cognitive Threat Analytics
This post is authored by Gayan de Silva and Martin Pospisil. Overview: Recently, about 50 users across 20 companies were alarmed by the Cisco Cognitive Threat Analytics (CTA) about a malware that exfiltrates gigabytes of data from their computers. An example of such CTA detection: In addition to the…
Angler for Beginners in 34 Seconds
Post authored by Martin Rehak, Veronica Valeros, Martin Grill and Ivan Nikolaev. In order to complement the comprehensive information about the Angler exploit kit from our Talos colleagues [Talos Intel: Angler Exposed], let’s have a very brief look at what an Angler and CryptoWall infection lo…
Cognitive Research: Fake Blogs Generating Real Money
Summary: In the past several months Cisco Cognitive Threat Analytics (CTA) researchers have observed a number of blog sites using either fake content or content stolen from other sites to drive traffic to click on ad-loaded web sites. We have observed traffic volume up to 10,000 requests per hour, ta…