threat
The Value of Threat Hunting
It can happen to the best of us. You can have robust security software deployed in your environment, and yet a threat slips through. Often it happens at a weak point that you hadn’t considered critical or just overlooked entirely. It can be a humbling experience and something that many security prof…
Threat Round-up for Apr 21 – Apr 28
Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between April 21 and April 28. As with previous round-ups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavior…
Malicious Microsoft Office Documents Move Beyond InkPicture
In late August we began to detect malicious Microsoft Word documents that contained VisualBasic (VB) macro code and the code appeared to be triggering when the document was opened. However, the documents did not contain any of the standard events used to launch VB macro code when a document is opene…
Top 5 Security Threats for Retailers in the Digital Age
As we enter Cybersecurity Awareness month, it’s an appropriate time to closely examine the specific security threats that retailers and hospitality providers face each and every day. In these industries, the overall “attack surface” is becoming dramatically more complex and hackers are more sophisti…
We Hear You: Retail Security Should Be Simple and SAFE
Retailers are in the business to sell, not to be stolen from. And they don’t set up shop to buy security products from companies like Cisco. However, attackers who target retailers have discovered that it’s much more lucrative to shoplift virtually rather than physically. So even if you focus on sec…
Security Steps to Take in the Holiday Season – and Beyond
Retail companies face a landscape filled with growing and increasingly complex threats. And the financial impact of these breaches is soaring. There are obvious financial incentives for attacking retailers because they typically don’t spend as much on security as financial institutions or government…
CVE-2015-0235: A GHOST in the Machine
This post was authored by Nick Biasini, Earl Carter, Alex Chiu and Jaeson Schultz On Tuesday January 27, 2015, security researchers from Qualys published information concerning a 0-day vulnerability in the GNU C library. The vulnerability, known as “GHOST” (a.k.a. CVE-2015-0235), is a buffer overflo…
Threat Spotlight: “Kyle and Stan” Malvertising Network 9 Times Larger Than Expected
This post was authored by Armin Pelkmann. On September 8th, Cisco’s Talos Security Intelligence & Research Group unveiled the existence of the “Kyle and Stan” Malvertisement Network. The network was responsible for placing malicious advertisements on big websites like amazon.co…
Threat Spotlight: “Kyle and Stan” Malvertising Network Threatens Windows and Mac Users With Mutating Malware
This post was authored by Shaun Hurley, David McDaniel and Armin Pelkmann. Update 2014-09-22: Updates on this threat can be found here Have you visited amazon.com, ads.yahoo.com, www.winrar.com, youtube.com, or any of the 74 domains listed below lately? If the answer is yes, then you may have been a…
1