Disk Image Deception
By Jeff Bollinger Cisco’s Computer Security Incident Response Team (CSIRT) detected a large and ongoing malspam campaign leveraging the .IMG file extension to bypass automated malware analysis tools and infect machines with a variety of Remote Access Trojans. During our investigation, we observed multiple tactics, techniques, and procedures (TTPs) that defenders can monitor for in […]
New Snort rules protect against recently discovered Citrix vulnerability
By Talos Group By Edmund Brumaghin, with contributions from Dalton Schaadt. Executive Summary Recently, the details of a critical vulnerability affecting Citrix Application Delivery Controller and Citrix Gateway servers were publicly disclosed. This vulnerability is currently being tracked using CVE-2019-19781. A public patch has not yet been released, however, Citrix has released recommendations for steps […]
Tour the RSA Conference 2020 Security Operations Center
By Jessica Bair Register now for your free tour of the RSA Conference Security Operations Center (SOC), where engineers are monitoring all traffic on the Moscone Wireless Network for security threats. The SOC is sponsored by RSA and Cisco. Sign up for a guided tour, where we’ll show real time traffic in NetWitness Packets, plus […]
Oberberg-Online Business-Frühstück zum Thema OT-Security
Am 30.01.2020 findet unser erstes Business-Frühstück im neuen Jahr statt – und das direkt mit einem Top-Thema. IT-Security hat heute jedes Unternehmen auf dem Radar. Was aber ist mit den leicht angreifbaren Produktionsumgebungen? Live-Hack und Gegenmaßnahmen werden bei unserem Business-Frühstück erläutert. Bei frischem Kaffee und knusprigen Brötchen starten wir in das Jahr 2020 mit unserem […]
Threat Roundup for January 3 to January 10
By Talos Group Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between Jan 3 and Jan 10. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how […]
Datacenter Security: How to Balance Business Agility with Great Protection
By Brad Casemore When IDC consults with enterprise customers or performs worldwide surveys, security is invariably an acute concern. That’s regardless of geography, industry, and identity of respondent (executive, LoB, IT, DevOps, etc.). While the challenge of providing protection and security extends across all places in the network, the problem is especially vexing in the […]