16.01.2017

Article

The Fusion of Big Data Analytics with IT

The term “embedded big data analytics” applies, for one, when big data analytics can be embedded directly into existing applications. But embedded analytics also plays a key role in the Internet of Things (IoT).

13.01.2017

Article

Investing in Training Pays Off

Digitalization without security will no longer exist. Jutta Gräfensteiner, channel chief at Cisco Germany, is convinced of this.

12.01.2017

News

Vulnerability Spotlight: Exploiting the Aerospike Database Server

Vulnerabilities discovered by Talos. Talos is disclosing multiple vulnerabilities discovered in the Aerospike Database Server. These vulnerabilities range from memory disclosure to potential remote code execution. This software is used by various companies that require a high perf...

10.01.2017

News

Microsoft Patch Tuesday – January 2017

Happy New Year to our readers! Today marks the first Patch Tuesday of 2017 with Microsoft releasing their monthly set of bulletins designed to address security vulnerabilities. This month’s release is relatively light with 4 bulletins addressing 3 vulnerabilities. Two bulle...

06.01.2017

News

Cisco Coverage for ‘GRIZZLY STEPPE’

Over the past several weeks, there have been ongoing discussions regarding cyber attacks that have occurred against several political, governmental, and private sector entities in the United States. These discussions have revolved around allegations that these cyber attacks were ...

03.01.2017

Article

Investing in Training Pays Off

Digitalization without security will no longer exist. Jutta Gräfensteiner, channel chief at Cisco Germany, is convinced of this.

03.01.2017

Article

IPv6: (Almost) Impossible to Ignore

IPv6 is coming! IT managers have been hearing this statement for quite a while, and yet a large share of companies still work with IPv4. The oft-invoked shortage of network addresses also seems to be a long time coming.

20.12.2016

News

IEC 104 Protocol Detection Rules

IEC 60870-5-104 Protocol Detection Rules. Cisco Talos has released 33 Snort rules which are used to analyze/inspect IEC 60870-5-104 network traffic. These rules will help Industrial Control Systems/Supervisory Control and Data Acquisition (ICS/SCADA) asset owners to allow the iden...

20.12.2016

News

Vulnerability Spotlight: Tarantool Denial of Service Vulnerabilities

Vulnerabilities discovered by Talos. Talos is disclosing two denial of service vulnerabilities (CVE-2016-9036 & CVE-2016-9037) in Tarantool. Tarantool is an open-source Lua-based application server. While primarily functioning as an application server, it is also capable of pr...

19.12.2016

News

In the Eye of the Hailstorm

This blog post was authored by Jakob Dohrmann, David Rodriguez, and Jaeson Schultz. The Cisco Talos and Umbrella research teams are deploying a distributed hailstorm detection system which brings together machine learning, stream processing of DNS requests and the curated Talos e...

13.12.2016

News

Microsoft Patch Tuesday – December 2016

The final patch Tuesday of 2016 has arrived. Today, Microsoft has released their monthly set of security bulletins designed to address security vulnerabilities within their products. This month’s release contains 12 bulletins addressing 48 vulnerabilities. Six bulletins are...

13.12.2016

News

Vulnerability Spotlight: Joyent SmartOS

Vulnerability discovered by Tyler Bohan. Overview: Talos is disclosing a series of vulnerabilities in Joyent SmartOS, specifically in the Hyprlofs filesystem. SmartOS is an open source hypervisor that is based on a branch of OpenSolaris. Hyprlofs is a SmartOS in-memory filesystem ...

12.12.2016

Article

Paradigm Shift for Data Center Networks

While server operations have been largely automated and virtualized in recent years, little has changed so far in data center network operations. This, however, leads to numerous challenges. To solve them, Cisco offers “ACI”, a modern,...

07.12.2016

News

Floki Bot Strikes, Talos and Flashpoint Respond

This blog post was authored by Ben Baker, Edmund Brumaghin, Mariano Graziano, and Jonas Zaddach. Executive Summary: Floki Bot is a new malware variant that has recently been offered for sale on various darknet markets. It is based on the same codebase that was used by the infamous ...

01.12.2016

News

Project FIRST: Share Knowledge, Speed up Analysis

Project FIRST is led by Angel M. Villegas. This post is authored by Holger Unterbrink. Talos is pleased to announce the release of the Function Identification and Recovery Signature Tool (FIRST). It is an open-source framework that allows sharing of knowledge about similar funct...

29.11.2016

News

Cerber Spam: Tor All the Things!

This post was authored by Nick Biasini and Edmund Brumaghin with contributions from Sean Baird and Andrew Windsor. Executive Summary: Talos is continuously analyzing email-based malware, always looking at how adversaries change and the new techniques that are being added on an almost c...

28.11.2016

News

Talos Responsible Disclosure Policy Update

Responsible disclosure of vulnerabilities is a key aspect of security research. Often, the difficulty in responsible disclosure is balancing competing interests – assisting a vendor with patching their product and notifying the general public to prevent a 0-day situation. I...

28.11.2016

Article

Common Standard for IIoT Applications

OPC UA TSN: Behind the cryptic abbreviation lies the new, unified communication protocol for the Industrial Internet of Things (IIoT). At SPS/IPC/Drives, eleven partner companies officially committed to the standard.

28.11.2016

Article

IT Security Is What Makes Digitalization Possible

Digitalization is in full swing, and competition is becoming ever more intense as a result. According to a study, this means that within the next five years no fewer than 40 percent of today's leading companies will be set back or disappear entirely. In this ...

28.11.2016

Article

Cisco Launches New Server Line for Real-Time Data Processing

Cisco is extending the “Unified Computing System” (UCS) with a storage-optimized server line. The first server in this “UCS S” series, the “UCS S3260”, is intended specifically to meet the requirements of data-intensive workloads such as big data, streaming and collaboration, as well as software-defined ...

25.11.2016

Article

Leading Manufacturers Back the OPC UA TSN Standard

At the SPS IPC Drives trade fair, ABB, Bosch Rexroth, B&R, Cisco, General Electric, Kuka, National Instruments (NI), Parker Hannifin, Schneider Electric, SEW-Eurodrive and TTTech announced jointly that OPC UA over Time Sensitive Networking (TSN), as the standard commun...

22.11.2016

News

Fareit Spam: Rocking Out to a New File Type

This post was authored by Nick Biasini. Talos is constantly monitoring the threat landscape, including the email threat landscape. Lately this landscape has been dominated by Locky distribution. During a recent Locky vacation Talos noticed an interesting shift in file types being use...

15.11.2016

News

Crashing Stacks Without Squishing Bugs: Advanced Vulnerability Analysis

Overview: Crash triaging can be a long and complicated process; by using proper tools and having an optimal approach, we can make this a bit easier and less time-consuming. In this post we describe a triaging strategy and toolset based on two examples of vulnerability classes: Sta...

08.11.2016

News

Microsoft Patch Tuesday – November 2016

Today, Microsoft has released their monthly set of security bulletins designed to address security vulnerabilities within their products. For a detailed explanation of each of the categories listed below, please go to https://technet.microsoft.com/en-us/security/gg309177.aspx. Th...

03.11.2016

News

RIG Exploit Kit Campaign – Happy puzzling…

Executive Summary: Talos is monitoring the big, notorious exploit kits (EK) on an ongoing basis. Since Angler disappeared a few months ago, RIG is one EK which seems to be trying to fill the gap Angler has left. We see ongoing development on RIG. This report gives more details abo...

03.11.2016

Article

Cisco Launches New Server Line for Real-Time Data Processing

Cisco is extending the “Unified Computing System” (UCS) with a storage-optimized server line. The first server in this “UCS S” series, the “UCS S3260”, is intended specifically to meet the requirements of data-intensive workloads such as big data, streaming and collaboration, as well as software-defined ...

02.11.2016

News

Vulnerability Spotlight: Windows 10 Remote Denial of Service

Talos is releasing an advisory for a remote denial of service attack vulnerability in Microsoft Windows 10 AHCACHE.SYS. An attacker can craft a malicious portable executable file, which if accessed causes AHCACHE.SYS to attempt to access out of scope memory. This triggers a bugch...

31.10.2016

News

Sundown EK: You Better Take Care

This post was authored by Nick Biasini. Over the last six months the exploit kit landscape has seen some major changes. These changes began with Nuclear ceasing operations in April/May and arrests in Russia coinciding with the end of Angler in June. Recently, Neutrino has been add...

25.10.2016

News

Vulnerability Spotlight: LibTIFF Issues Lead To Code Execution

These vulnerabilities were discovered by Tyler Bohan of Cisco Talos. Talos is releasing multiple vulnerabilities (TALOS-2016-0187, TALOS-2016-0190 & TALOS-2016-0205) in the LibTIFF library. One vulnerability (TALOS-2016-0187) is an exploitable heap based buffer overflow that...

24.10.2016

News

Pumpkin Spiced Locky

This post was authored by Warren Mercer & Edmund Brumaghin. Summary: We had .locky, we had .odin and then we had .zepto but today we hit rock bottom and we now have Locky using .shit as their encrypted file extension. In today’s latest wave of spam, Talos has observed thr...

19.10.2016

News

MBRFilter – Can’t Touch This!

This post was authored by Edmund Brumaghin and Yves Younan. Summary: Ransomware has become increasingly prevalent in the industry, and in many cases, unless there is a publicly released decryptor available, there is often not an easy means of retrieving encrypted files once a syste...

18.10.2016

News

Vulnerability Spotlight: Hopper Disassembler ELF Section Header Size Code Execution

Vulnerability discovered by Tyler Bohan and Cory Duplantis of Cisco Talos. Talos has identified an exploitable out-of-bounds write vulnerability in the ELF Section Header parsing functionality of Hopper (TALOS-2016-0222/CVE-2016-8390). Hopper is a reverse engineering tool for macO...

18.10.2016

News

Vulnerability Spotlight: Foxit PDF Reader JBIG2 Parser Information Disclosure

Vulnerability discovered by Aleksandar Nikolic of Talos. Talos has identified an information disclosure vulnerability in Foxit PDF Reader (TALOS-2016-0201/CVE-2016-8334). A wrongly bounded call to `memcpy`, while parsing jbig2 segments within a PDF file, can be triggered in Foxit...

13.10.2016

News

LockyDump – All Your Configs Are Belong To Us

Locky has continued to evolve since its inception in February 2016. This has made it difficult to track at times due to changes in the way in which it’s distributed as well as various characteristics of the malware itself. The actors responsible for Loc...

11.10.2016

News

Microsoft Patch Tuesday – October 2016

Patch Tuesday has once again arrived! Microsoft’s monthly release of security bulletins to address vulnerabilities provides fixes for 37 newly disclosed security flaws. Today’s release sees a total of 10 bulletins with five of the bulletins rated critical, addressing ...

06.10.2016

News

Phishing for Threat Intelligence: Using Your Spam Quarantine for the Greater Good

Cisco’s OpenDNS enables phishing awareness by helping organizations learn about commonly identifiable tactics used by scammers....

03.10.2016

News

Vulnerability Spotlight: FreeImage Library XMP Image Handling Code Execution Vulnerability

Exploit uses a maliciously crafted image file as an email attachment or via an instant message....

03.10.2016

News

Vulnerability Spotlight: FreeImage Library XMP Image Handling Code Execution Vulnerability

FreeImage is widely used software integrated into over 100 products ranging from free to paid licensing, including multimedia software, games, developer tools, PDF generators and more. FreeImage makes use of a common file format created by Adobe, Extensible Metadata Platform (X...

01.10.2016

News

Vulnerability Spotlight: OpenJPEG JPEG2000 mcc record Code Execution Vulnerability

Vulnerability discovered by Aleksandar Nikolic of Cisco Talos. Overview: Talos has identified an exploitable out-of-bounds vulnerability in the JPEG 2000 image file format parser implemented in the OpenJPEG library (TALOS-2016-0193/CVE-2016-8332). The JPEG 2000 file format is commonly ...
