Cisco Talos

April 11, 2019

THREAT RESEARCH

Sextortion Profits Decline Despite Higher Volume, New Techniques

Post authored by Nick Biasini and Jaeson Schultz. Sextortion spammers continue blasting away at high volume. The success they experienced with several high-profile campaigns last year has led these attackers to continue transmitting massive amounts of sextortion email. These sextortion spammers have…

March 20, 2019

THREAT RESEARCH

Ransomware or Wiper? LockerGoga Straddles the Line

Executive Summary: Ransomware attacks have been in the news with increased frequency over the past few years. This type of malware can be extremely disruptive and even cause operational impacts in critical systems that may be infected. LockerGoga is yet another example of this sort of malware. Locker…

March 4, 2019

SECURITY

Better: Cisco Security Drives Innovation, Growth and Empowers Customers

It has been a year since last RSAC when I became head of the Cisco Security Business Group. During this time, we have greatly expanded the number of customers we both serve and protect while continuing to deliver market-leading innovation, keeping ahead of today’s threats. Cisco continues to offer th…

March 3, 2019

SECURITY

5 Cybersecurity Trends to Watch

As we are about to enter another RSA conference, it is a good time to reflect on what changes we are seeing in the cybersecurity space. Between now and RSA 2020, here are five trends that I expect to see rise to the top. 1. New world application security takes off. There is a traditional way of thi…

February 18, 2019

THREAT RESEARCH

JavaScript bridge makes malware analysis with WinDbg easier

As malware researchers, we spend several days a week debugging malware in order to learn more about it. For that, we have several powerful and popular user mode tools to choose from, such as OllyDbg, x64dbg, IDA Pro and Immunity Debugger. All these debuggers utilize some scripting language to automa…

February 13, 2019

SECURITY

Cisco at RSA Conference 2019 – Making security better

Over the past several years, cybersecurity has moved from uber techies into the mainstream. When the Olympics can be disrupted by highly targeted malware, and ransomware has grown to be above a billion dollars, we’ve clearly reached a critical turning point. Not to mention the fact that whole countr…

February 6, 2019

THREAT RESEARCH

2018 in Snort Signatures

The cybersecurity field shifted quite a bit in 2018. With the boom of cryptocurrency, we saw a transition from ransomware to cryptocurrency miners. Talos researchers identified APT campaigns including VPNFilter, predominantly affecting small business and home office networking equipment, as well as…

December 15, 2018

SECURITY

Black Hat Europe 2018

Warning from Black Hat NOC: Cisco Security helped secure the Black Hat Europe 2018 Network Operations Centre (NOC) for the second year, joining conference producer UBM and its other security partners RSA Security, Palo Alto Networks, Ruckus and Gigamon. Cisco provided DNS visibility and threat intelli…

October 26, 2018

THREAT RESEARCH

Vulnerability Spotlight: Talos-2018-0694 – MKVToolNix mkvinfo read_one_element Code Execution Vulnerability

Piotr Bania, Cory Duplantis and Martin Zeiser of Cisco Talos discovered this vulnerability. Today, Cisco Talos is disclosing a vulnerability that we identified in the MKVToolNix mkvinfo utility that parses the Matroska file format video files (.mkv files). MKVToolNix is a set of tools to create, alt…