malware

January 2014 started with a bang, with one in every 191 web requests resulting in a web malware encounter. The Cisco Computer Security Incident Response Team (CSIRT) observed this same trend, witnessing a 200% increase in web malware encounters experienced by Cisco employees for the month. Overall,…

“There is no silver bullet.”  That’s one of our favorite sayings at Cisco Security. We use it to convey the point that malware prevention is not 100%. As new attack vectors emerge and the threat landscape evolves, some malware will get through – regardless of which security vendor you choose. In fac…

Malware is everywhere and it’s incredibly challenging to combat, using whatever unprotected path exists to reach its target and accomplish its mission. Malware has become the weapon of choice for hackers. According to the 2013 Verizon Data Breach Investigation Report, of the top 20 types of threat a…

A few months ago we discussed the various ways that consumer PII is compromised. The recent attacks against Target and Neiman Marcus illustrate the constant threat that payment card accepting retailers of all sizes face. Yesterday Reuters reported that similar breaches over the holidays affected “at…

Update 2014-01-10: This malicious campaign has expanded to include emails that masquerade as bills from NTTCable and from VolksbankU Update 2014-01-21: We’ve updated the chart to include the Vodafon emails and latest URL activity English language has emerged as the language of choice for inter…

When Fox-IT published their report regarding malvertisements coming from Yahoo, they estimated the attack began on December 30, 2013, while also noting that other reports indicated the attack may have begun earlier. Meanwhile, Yahoo intimated a different timeframe for the attack, claiming “Fro…

We are witnessing the growth of the Internet of Everything (IoE), the network of embedded physical objects accessed through the Internet, and it’s connecting new devices to the Internet which may not traditionally have been there before. Unfortunately, some of these devices may be deployed with a se…

As the day draws to a close, and especially during the early morning, users become far more likely to click on links that lead to malware. Those responsible for network security need to ensure that users’ awareness of information security continues after work hours, so that users “don’t click tired.…

We have detected evidence of a malware distribution campaign using messages masquerading as UPS delivery notification emails. These campaigns attempt to deceive the targets into thinking they are receiving mail from a trusted sender in order to dupe the recipient into installing malware, possibly fo…