Talos

Vulnerabilities that permit remote network attacks against ubiquitous software components are the nightmares of security professionals. On 24 September the presence of a new vulnerability, CVE-2014-6271 in Bash shell allowing remote code execution was disclosed.…

This post was authored by Armin Pelkmann. On September 8th, Cisco’s Talos Security Intelligence & Research Group unveiled the existence of the “Kyle and Stan” Malvertisement Network. The network was responsible for placing malicious advertisements on big websites like amazon.co…

SpamCop is a free, community-based spam email reporting service provided by Cisco. SpamCop analyzes reported spam, and extracts details about the sending IP, the URLs contained in the spam, and the networks over which the spam message has transited. This information is used to create the SpamCop Blo…

This post was authored by Shaun Hurley, David McDaniel and Armin Pelkmann. Update 2014-09-22: Updates on this threat can be found here Have you visited amazon.com, ads.yahoo.com, www.winrar.com, youtube.com, or any of the 74 domains listed below lately? If the answer is yes, then you may have been a…

This blog post was authored by Martin Lee and Jaeson Schultz. With the announcement that yet another major retailer has allegedly been breached, it is important to review how attackers compromise retail systems and how such intrusions can be prevented. In this latest case, retailers are working to d…

This post is co-authored by Jaeson Schultz and Craig Williams. Every so often, we observe certain spam campaigns that catch our interest. On August 15, we observed a particular spam campaign that caught our attention because it was using “snowshoe” spam techniques combined with PDF expl…