By Talos Group This post was authored by Dave Liebenberg In the past few months, Talos has observed an uptick in the number of Chinese websites offering online DDoS services. Many of these websites have a nearly identical layout and design, offering a simple interface in which the user selects a target’s host, port, attack […]
By Talos Group This post was authored by Dave Liebenberg In the past few months, Talos has observed an uptick in the number of Chinese websites offering online DDoS services. Many of these websites have a nearly identical layout and design, offering a simple interface in which the user selects a target’s host, port, attack […]
By Scott Bower Email continues to be both the number one way business people across the globe communicate, as well as the number one threat vector that can endanger the very thing it is trying to enable, getting business done. However, our global economy means now, more than ever, senders and receivers of email can […]
By Scott Bower Email continues to be both the number one way business people across the globe communicate, as well as the number one threat vector that can endanger the very thing it is trying to enable, getting business done. However, our global economy means now, more than ever, senders and receivers of email can […]
By Talos Group Since public disclosure in April 2017, CVE-2017-0199 has been frequently used within malicious Office documents. The vulnerability allows attackers to include Ole2Link objects within RTF documents to launch remote code when HTA applications are opened and parsed by Microsoft Word. In this recent campaign, attackers combined CVE-2017-0199 exploitation with an earlier exploit, […]
By Talos Group Since public disclosure in April 2017, CVE-2017-0199 has been frequently used within malicious Office documents. The vulnerability allows attackers to include Ole2Link objects within RTF documents to launch remote code when HTA applications are opened and parsed by Microsoft Word. In this recent campaign, attackers combined CVE-2017-0199 exploitation with an earlier exploit, […]
By Talos Group This blog was authored by Paul Rascagneres. Introduction JavaScript is frequently used by malware authors to execute malicious code on Windows systems because it is powerful, natively available and rarely disabled. Our previous article on .NET analysis generated much interest relating to how to use WinDBG to analyse .js files. In this […]
By Talos Group This blog was authored by Paul Rascagneres. Introduction JavaScript is frequently used by malware authors to execute malicious code on Windows systems because it is powerful, natively available and rarely disabled. Our previous article on .NET analysis generated much interest relating to how to use WinDBG to analyse .js files. In this […]
By Evgeny Mirolyubov In our previous blog posts about AMP and Threat Grid on Cisco Email Security, we have discussed the approach to email security, that organizations could take to protect themselves against advanced threats. We have as well discussed the components of the solution and how they work together to protect customers from the […]
By Evgeny Mirolyubov In our previous blog posts about AMP and Threat Grid on Cisco Email Security, we have discussed the approach to email security, that organizations could take to protect themselves against advanced threats. We have as well discussed the components of the solution and how they work together to protect customers from the […]
