What we learned by unpacking a recent wave of Imminent RAT infections using AMP
Thu, 17 Jan 2019 19:55:46 +0000
Cisco Talos has been tracking a series of Imminent RAT infections for the past two months following reported data from Cisco Advanced Malware Protection's (AMP) Exploit Prevention engine. AMP successfully...
Securing the Central Hub of our World: Turkey
Wed, 16 Jan 2019 13:00:59 +0000
Cisco AMP and Cisco Umbrella Secures Istanbul Grand Airport and Turkish Airlines. Turkey is a traveler’s and photographer’s dream. The diversity in culture and landscape paired with the generosity of...
Emotet re-emerges after the holidays
Tue, 15 Jan 2019 21:14:40 +0000
While Emotet has been around for many years and is one of the most well-known pieces of malware in the wild, that doesn't mean attackers don't try to freshen it...
Vulnerability Deep Dive: TP-Link TL-R600VPN remote code execution vulnerabilities
Tue, 15 Jan 2019 20:03:16 +0000
TP-Link recently patched three vulnerabilities in their TL-R600VPN gigabit broadband VPN router, firmware version 1.3.0. Cisco Talos publicly disclosed these issues after working with TP-Link to ensure...
Forrester’s Zero Trust or Gartner’s Lean Trust?
Mon, 14 Jan 2019 20:00:45 +0000
Whether you tell your boardroom that you’re going to adopt zero trust or lean trust, you need to decide how and where to start your multi-year journey. This blog explores 2 common approaches to zero trust, Forrester's Zero Trust eXtended (ZTX) and Gartner's CARTA approach, and how Cisco can help you on your journey to better trust-centric security.
SMB and the return of the worm
Mon, 14 Jan 2019 14:30:34 +0000
Watch the threat landscape long enough, and you’ll see that some things are cyclical. Threat types and attack methods fall in and out of fashion. As the use of one...
The Next Netflix of the SD-WAN Blockbuster: Cisco SD-WAN Security
Fri, 11 Jan 2019 16:00:34 +0000
Much like Blockbuster Video, who paid a final late fee, most SD-WAN vendors will soon pay for ignoring the market’s demand for security integrated within their SD-WAN appliances. The video...
Pylocky Unlocked: Cisco Talos releases PyLocky ransomware decryptor
Thu, 10 Jan 2019 15:58:58 +0000
PyLocky is a family of ransomware written in Python that attempts to masquerade as a Locky variant. This ransomware will encrypt all files on a victim machine before...
Why we want users’ feedback on Snort rule documentation
Wed, 09 Jan 2019 19:34:33 +0000
Today, Talos is launching a new community survey to solicit feedback on SNORTⓇ documentation. When Snort alerts the end user, the rule documentation is their first and possibly only avenue...
Microsoft Patch Tuesday — January 2019: Vulnerability disclosures and Snort coverage
Wed, 09 Jan 2019 16:17:16 +0000
Microsoft released its monthly security update today, disclosing a variety of vulnerabilities in several of its products. The latest Patch Tuesday covers 49 vulnerabilities, seven of which are rated “critical,”...