The Significance of Log Sources to Building Effective Intelligence-Driven Incident Response

By Aaron Varrone

Many organizations today fail in adequately acquiring the necessary visibility across their network to perform efficient and effective Incident Response tasks, one of which is Intelligence-Driven Incident Response; defined as driving intelligence mechanisms to dig deeper into detecting, containing, and eradicating the latest cyber threats. Occasionally, adversaries may leave evidence on compromised devices which may […]

Source:: Cisco Security Notice

BWT Podcast EP5 – It Has Been 0-days Since This Term was Abused

By Mitch Neff

Beers with Talos Episode 5 “It Has Been 0-days Since This Term was Abused” is now available. Beers with Talos offers a topical, fast-paced, and slightly irreverent take on cybersecurity issues. If you are an executive, a grizzled SOC vet, or a n00b, you will take something away from each episode. We won’t promise it’s anything […]

Source:: Cisco Security Notice

Fortinet Appoints Peter Cohen to its Board of Directors

Source:: Fortinet

Oberberg-Online Team Runs in Cologne

On May 21, the Oberberg-Online running team took part in the KKH-Lauf in Cologne for the third year in a row.

The run was held for a good cause for the 14th time, as the entry fees go to the campaign Ein Herz für Kinder. The background to the KKH-Lauf is explained here.

Threat Round-up for May 19 – May 26

By Talos Group

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between May 19 and May 26. As with previous round-ups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavior characteristics, indicators of compromise, and how our customers are automatically […]

Source:: Cisco Security Notice

How to protect against the most advanced email-based attacks

By Lindsay van Gemert

With over 100 billion corporate emails exchanged each day, it’s no wonder that email remains a major threat vector. Organizations around the globe depend on email to quickly communicate and collaborate. And as long as organizations use email to send and receive files, communicate and interact, malicious files, links and attachments will continue to plague […]

Source:: Cisco Security Notice

Samba Vulnerability: Dancing Its Way to a Network Near You

By Talos Group

Overview

Today, a new vulnerability affecting the widely used Samba software was released. Samba is the SMB/CIFS protocol commonly used in *NIX operating systems. CVE-2017-7494 has the potential to impact many systems around the world. This vulnerability could allow a user to upload a shared library to a writeable share on a vulnerable Samba server […]

Source:: Cisco Security Notice

The light is green! But is it safe to go? Abusing users’ faith in HTTPS

By Joe Malenfant

This post was authored by Anna Shirokova and Ivan Nikolaev.

John Smith had a lot of friends and liked to travel. One day he got an email that read: “Money has been sent to your PayPal account”. The sender appeared to be a person he met from a recent trip to Cape Town. John Smith was curious and followed the link […]

Source:: Cisco Security Notice

File2pcap – The Talos Swiss Army Knife of Snort Rule Creation

By Talos Group

This post was authored by Martin Zeiser with contributions by Joel Esler.

At Talos we are constantly on the lookout for threats to our customers’ networks, and part of the protection process is creating Snort rules for the latest vulnerabilities in order to detect any attacks. To improve your understanding of the rule development process, consider […]

Source:: Cisco Security Notice

Can Your Organisation Be Breached? Find Out with a Red Team

By Paul Docherty

Have you ever wondered about how the everyday information available on your network could compromise your entire organisation? I lead the Cisco Security Advisory Services team in EMEAR. We recently performed a “Red Team” exercise in which our client set us the objective of attempting to gain access to their client database. For the uninitiated: […]

Source:: Cisco Security Notice