Cisco Talos
Malvertising: Online Advertising’s Darker Side
By Nick Biasini, Chris Neal and Matt Valites. Executive summary: One of the trickiest challenges enterprises face is managing the balance between aggressively blocking malicious advertisements (aka malvertising) and allowing content to remain online, accessible for the average user. The days of insta…
Let’s Destroy Democracy
Election security through an adversary’s eyes. This post was authored by Matt Olney. Executive summary: Over the past few years, Cisco Talos has increasingly been involved in election security research and support, most recently supporting the Security Service of Ukraine in their efforts to secure th…
Vulnerability Spotlight: Remote code execution vulnerabilities in Simple DirectMedia Layer
Simple DirectMedia Layer contains two vulnerabilities that could allow an attacker to remotely execute code on the victim’s machine. Both bugs are present in the SDL2_image library, which is used for loading images in different formats. There are vulnerabilities in the function responsible for loading PCX…
Welcome Spelevo: New exploit kit full of old tricks
Nick Biasini authored this post with contributions from Caitlyn Hammond. Executive summary: Exploit kits are an ever-present and often forgotten threat on the landscape today. Their popularity seemed to peak several years ago with the success and eventual downfall of some of the best compromise platf…
Security Happenings at Cisco Live U.S.
Come learn from the best in threat defense. Throughout the year, you hear us talking about our innovative security strategy – about how integration, automation, and simplification make your security posture better. We highlight the need for a new approach to security in a multi-domain world. An appr…
Threat Roundup for May 17 to May 24
Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between May 17 and May 24. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral ch…
Recent MuddyWater-associated BlackWater campaign shows signs of new anti-detection techniques
This blog was authored by Danny Adamitis, David Maynor, and Kendall McKay. Executive summary: Cisco Talos assesses with moderate confidence that a campaign we recently discovered called “BlackWater” is associated with suspected persistent threat actor MuddyWater. Newly associated samples…
Enabling AMP in Cisco SD-WAN
It’s here. Advanced Malware Protection (AMP) for Networks is now available in Cisco SD-WAN. That means you’ll be able to sandbox and block standard, as well as polymorphic malware across the WAN, all from the Cisco SD-WAN console. As the world’s largest networking and cybersecurity vendor, Cisco com…
Threat Roundup for April 26 to May 3
Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between April 26 and May 03. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral…