Security
Threat Roundup for Jan. 25 to Feb. 1
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Jan. 25 and Feb. 1. As with previous roundups, this post isn't meant to be an...
Why Business Leaders Should Care About Quantum Computing
Here's the bottom line: Quantum computing is a threat to cybersecurity, but it's not an imminent threat.
Cisco Job Posting Targets Korean Candidates
Edmund Brumaghin and Paul Rascagneres authored this post, with contributions from Jungsoo An. Executive summary Cisco Talos recently observed a targeted malware campaign being leveraged in an...
Vulnerability Spotlight: Multiple vulnerabilities in ACD Systems Canvas Draw 5
Cisco Talos is disclosing several vulnerabilities in ACD Systems' Canvas Draw 5, a graphics-editing tool for Mac. The vulnerable component of Canvas Draw 5 lies in the handling of TIFF...
It's 9am. Do you know where your data is?
Data center anywhere requires security everywhere - Bobby Guhasarkar, January 29, 2019 It's 9am. Do you know where your data is? If you're like most businesses today, it's everywhere....
Vulnerability Spotlight: Multiple WIBU SYSTEMS WubiKey vulnerabilities
Marcin "Icewall" Noga of Cisco Talos discovered these vulnerabilities. Executive Summary Cisco Talos discovered two vulnerabilities that could allow remote code execution and memory disclosure at the kernel level...
New Year, Same Reality: How Much Will Security Actually Change in 2019
If we look back at the security landscape of 2018, there were some interesting highs and lows. There were a number of large-scale breaches and a few new regulatory controls for identity and data protection implemented. Given that there is so much attention on security in this digital age, that must mean that the threat landscape is changing, right? ...
Threat Roundup for Jan. 18 to Jan. 25
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Jan. 18 and Jan. 25. As with previous roundups, this post isn't meant to be an...
AMP tracks new campaign that delivers Ursnif
This blog post was authored by John Arneson of Cisco Talos Executive Summary Cisco Talos once again spotted the Ursnif malware in the wild. We tracked this information stealer after...
Data Privacy: A Business Imperative
Today, in observance of International Data Privacy Day, Cisco released its 2019 Data Privacy Benchmark Study revealing the impact and business benefits from data privacy investments.
Suspicious Registry Keys and Requested files: A Threat Grid Case Study
Manually analyzing file samples is an incredibly time-consuming process. Threat Grid offers automated analysis that lets my team and me reduce the time it takes to perform malware triage and investigation.
Threat Roundup for Jan. 11 to Jan. 18
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Jan. 11 and Jan. 18. As with previous roundups, this post isn't meant to be an...
Security Choice: Simpler Buying for more Effective Security
Security is difficult. Detecting and stopping constantly evolving attacks is a never-ending (and often thankless) challenge. And worse, the current state of security finds companies working with many products that...
What we learned by unpacking a recent wave of Imminent RAT infections using AMP
Cisco Talos has been tracking a series of Imminent RAT infections for the past two months following reported data from Cisco Advanced Malware Protection's (AMP) Exploit Prevention engine. AMP successfully...
Securing a Central Hub of our World: Turkey
Cisco AMP and Cisco Umbrella Secures Istanbul Grand Airport and Turkish Airlines Turkey is a traveler's and photographer's dream. The diversity in culture and landscape paired with the generosity of...
Emotet re-emerges after the holidays
While Emotet has been around for many years and is one of the most well-known pieces of malware in the wild, that doesn't mean attackers don't try to freshen it...
Vulnerability Deep Dive: TP-Link TL-R600VPN remote code execution vulnerabilities
Introduction TP-Link recently patched three vulnerabilities in their TL-R600VPN gigabit broadband VPN router, firmware version 1.3.0. Cisco Talos publicly disclosed these issues after working with TP-Link to ensure...
Forrester's Zero Trust or Gartner's Lean Trust?
Whether you tell your boardroom that you're going to adopt zero trust or lean trust, you need to decide how and where to start your multi-year journey. This blog explores 2 common approaches to zero trust, Forrester's Zero Trust eXtended (ZTX) and Gartner's CARTA approach, and how Cisco can help you on your journey to better trust-centric security.
SMB and the return of the worm
Watch the threat landscape long enough, and you'll see that some things are cyclical. Threat types and attack methods fall in and out of fashion. As the use of one...
The Next Netflix of the SD-WAN Blockbuster: Cisco SD-WAN Security
Much like Blockbuster Video, who paid a final late fee, most SD-WAN vendors will soon pay for ignoring the market's demand for security integrated within their SD-WAN appliances. The video...
Pylocky Unlocked: Cisco Talos releases PyLocky ransomware decryptor
PyLocky is a family of ransomware written in Python that attempts to masquerade as a Locky variant. This ransomware will encrypt all files on a victim machine before...
Why we want users' feedback on Snort rule documentation
Today, Talos is launching a new community survey to solicit feedback on SNORT documentation. When Snort alerts the end user, the rule documentation is their first and possibly only avenue...
Microsoft Patch Tuesday January 2019: Vulnerability disclosures and Snort coverage
Microsoft released its monthly security update today, disclosing a variety of vulnerabilities in several of its products. The latest Patch Tuesday covers 49 vulnerabilities, seven of which are rated critical,...
Security Vigilance Never Rests: Moving to Active Threat Detection
Few things are as dynamic as cybersecurity. Modern networks have become increasingly sophisticated and complex. Today's network extends to myriad devices fueled by a mobile workforce and more organizations are...
Moving Towards The Zero Trust Cybersecurity Framework: A Practical Approach
The original Zero Trust model was conceived by Forrester, and leveraged by Google as part of their BeyondCorp initiative. Gartner has their framework called CARTA. These trust-centric approaches shift access decisions based on network topology to authorized users and devices. In this blog we will explore what you should consider when moving to a Ze...
Vulnerability Spotlight: Multiple privilege escalation vulnerabilities in CleanMyMac X
Tyler Bohan of Cisco Talos discovered these vulnerabilities. Executive summary Today, Cisco Talos is disclosing several vulnerabilities in MacPaw's CleanMyMac X software. CleanMyMac X is a cleanup application for Mac...
Threat Roundup for Dec. 14 to Dec. 21
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Dec. 14 and Dec. 21. As with previous roundups, this post isn't meant to be an...
Submissions for talks at the 2019 Talos Threat Research Summit are now open
Cisco Talos is happy to announce that the Talos Threat Research Summit is returning in 2019. This time, we are expanding the number of attendees to 500, double what we...
Talos Malware Year in Review
It was easy to see a wild year coming in cybersecurity. It started with a bang, with Olympic Destroyer targeting the Winter Olympics in February in an attempt to disrupt...
Cisco ISE Playing Nice in the Security Ecosystem
2005 has long come and gone, and in this day and age, segmenting traffic on your network should mean more than a separate voice and data VLAN.
Three ways to detect cryptomining activities using network security analytics
Looking back at 2018, malicious cryptomining emerged as one of the most prominent threats. As described in-depth in this blog, cryptocurrency mining, or cryptomining for short, is the process...
The Greatest Gap in Securing Critical Infrastructure
By practicing incident response plans you'll decrease the time it takes to respond appropriately and recover from a real incident.
Cisco Threat Response: Open Source Integrations You Can Use Now
Cisco Threat Response is built upon a collection of APIs, which can be used to integrate your Cisco and third-party security products, automate the incident response process and manage...
As Cryptocurrency Crash Continues, Will Mining Threat Follow?
Post authored by Nick Biasini. Executive Summary As 2018 draws to a close, one technology has definitively left its...
Connecting the dots between recently active cryptominers
Post authored by David Liebenberg and Andrew Williams. Executive Summary Through Cisco Talos' investigation of illicit cryptocurrency mining...
Threat Hunting for the Holidays
How to stop the Grinch from breaking your endpoint defenses You're gearing up for the holidays. But then your phone rings; it's your manager. He just heard...
Black Hat Europe 2018
Black Hat Europe 2018 activity in the NOC was exciting from the first day and it never let up through the week.
Threat Roundup for Dec. 7 to Dec. 14
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Dec. 7 and Dec. 14. As with previous roundups, this post isn't meant to be an...
Bitcoin Bomb Scare Associated with Sextortion Scammers
This blog was written by Jaeson Schultz. Organizations across the country are on edge today after a flurry of phony bomb threats hit several public entities Thursday, such as universities,...
How Stealthwatch Cloud protects against the most critical Kubernetes vulnerability to-date, CVE-2018-1002105
The increasing popularity of traditional cloud computing technologies such as server-less, on-demand compute and containerized environments has made technologies like Kubernetes part of our daily vernacular as it relates to...
You've Got (Compromised) Mail!
There are two kinds of people in this world: those who have been affected by Business Email Compromise (BEC) scams and those who don't know they have been hit with...
Nearly every threat is either on an endpoint, or it's headed there
This is because the endpoint is, well, the end. That is where data resides; where individuals organize, communicate, and conduct nearly all activities of their lives; and is often considered...
Cryptomining: A sheep or a wolf?
One of, if not the, most prominent motivators for threat actors is money. Whether it's botnet owners renting out their services for DDoS attacks, tech support scammers cold-calling people to...
Know Your Boundaries To Know your Strategy
Where are the boundaries for threats to your operational systems? Has your organization initiated a risk assessment and created a threat model that would have covered some of the following...
in(Secure) messaging apps: How side-channel attacks can compromise privacy in WhatsApp, Telegram, and Signal
Messaging applications have been around since the inception of the internet. But recently, due to the increased awareness around mass surveillance in some countries, more users are installing end-to-end encrypted...
From Beginning to Endpoint: Covering All the Angles
No single technology will provide comprehensive protection to any threat landscape. Without the control to detect, block, and remediate an attack, you're at a disadvantage when protecting your organization.
Cisco's DoD accreditation puts you on the forefront of cybersecurity
The U.S. Department of Defense has approved the Cisco Certified Network Associate Cyber Ops certification program for anyone working in a Cyber Security Service Provider analyst or incident responder role.
A Dedicated Session for CISOs at Cisco Live 2019
The session will discuss CISOs' challenges, business needs, and demonstrate how Cisco is uniquely able to partner with them to make cyber security an effective business enabler within their organisations.
Threat Roundup for Nov. 30 to Dec. 7
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Nov. 30 and Dec. 7. As with previous roundups, this post isn't meant to be an...
The KISS Principle for Successful Expansion into the Cloud: Keep It Simple and Secure
As the calendar turns to 2019 in a matter of weeks we will be bombarded with a series of new predictions and resolutions. We had the same barrage last year,...
About Us
SecurityCentric is your source for all your Security news.