Cisco Talos
Sextortion Profits Decline Despite Higher Volume, New Techniques
Post authored by Nick Biasini and Jaeson Schultz. Sextortion spammers continue blasting away at high volume. The success they experienced with several high-profile campaigns last year has led these attackers to continue transmitting massive amounts of sextortion email. These sextortion spammers have…
Ransomware or Wiper? LockerGoga Straddles the Line
Executive Summary: Ransomware attacks have been in the news with increased frequency over the past few years. This type of malware can be extremely disruptive and even cause operational impacts in critical systems that may be infected. LockerGoga is yet another example of this sort of malware. Locker…
Better: Cisco Security Drives Innovation, Growth and Empowers Customers
It has been a year since last RSAC when I became head of the Cisco Security Business Group. During this time, we have greatly expanded the number of customers we both serve and protect while continuing to deliver market-leading innovation, keeping ahead of today’s threats. Cisco continues to offer th…
5 Cybersecurity Trends to Watch
As we are about to enter another RSA conference, it is a good time to reflect on what changes we are seeing in the cybersecurity space. Between now and RSA 2020, here are five trends that I expect to see rise to the top. 1. New world application security takes off. There is a traditional way of thi…
JavaScript bridge makes malware analysis with WinDbg easier
As malware researchers, we spend several days a week debugging malware in order to learn more about it. For that, we have several powerful and popular user mode tools to choose from, such as OllyDbg, x64dbg, IDA Pro and Immunity Debugger. All these debuggers utilize some scripting language to automa…
Cisco at RSA Conference 2019 – Making security better
Over the past several years, cybersecurity has moved from uber techies into the mainstream. When the Olympics can be disrupted by highly targeted malware, and ransomware has grown to be above a billion dollars, we’ve clearly reached a critical turning point. Not to mention the fact that whole countr…
2018 in Snort Signatures
The cybersecurity field shifted quite a bit in 2018. With the boom of cryptocurrency, we saw a transition from ransomware to cryptocurrency miners. Talos researchers identified APT campaigns including VPNFilter, predominantly affecting small business and home office networking equipment, as well as…
Black Hat Europe 2018
Warning from Black Hat NOC: Cisco Security helped secure the Black Hat Europe 2018 Network Operations Centre (NOC) for the second year, joining conference producer UBM and its other security partners RSA Security, Palo Alto Networks, Ruckus and Gigamon. Cisco provided DNS visibility and threat intelli…
Vulnerability Spotlight: Talos-2018-0694 – MKVToolNix mkvinfo read_one_element Code Execution Vulnerability
Piotr Bania, Cory Duplantis and Martin Zeiser of Cisco Talos discovered this vulnerability. Today, Cisco Talos is disclosing a vulnerability that we identified in the MKVToolNix mkvinfo utility, which parses Matroska file format video files (.mkv files). MKVToolNix is a set of tools to create, alt…