Ingredients Needed to Manage Network Tribbles
By Amanda Rogerson Cybersecurity – the final frontier, these are the trials and tribulations that network admins face on an ongoing basis. Sometimes it feels like network admins are Starfleet captains navigating unknown galaxies as the infrastructure of organizations become more complex. Using a complicated mix of cloud apps, on-prem systems, BYOD, IoT, and more, […]
The Value of Threat Hunting
By Ben Nahorney It can happen to the best of us. You can have robust security software deployed in your environment, and yet a threat slips through. Often it happens at a weak point that you hadn’t considered critical or just overlooked entirely. It can be a humbling experience and something that many security professionals, […]
Threat Roundup for August 30 to September 6
By Talos Group Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between Aug. 30 and Sep. 6. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics, indicators of compromise, and discussing how […]
GhIDA: Ghidra decompiler for IDA Pro
By Talos Group Cisco Talos is releasing two new tools for IDA Pro: GhIDA and Ghidraaas. GhIDA is an IDA Pro plugin that integrates the Ghidra decompiler in the IDA workflow, giving users the ability to rename and highlight symbols and improved navigation and comments. GhIDA assists the reverse-engineering process by decompiling x86 and x64 […]
The latest on BlueKeep and DejaBlue vulnerabilities — Using Firepower to defend against encrypted DejaBlue
By Talos Group Over the past few months, Microsoft has released several security updates for critical Remote Desktop Protocol (RDP)-related security bugs. These bugs are significant for IT infrastructure because they are classified as “wormable,” meaning future malware that exploits them could spread from system to system without requiring explicit user interaction. These vulnerabilities could […]
IT-Sicherheit vom Endpoint bis zur Cloud
Mit unserem Partner Fortinet bieten wir eine einzigartige und breit angelegte Security-Lösung an: Die Fortinet Security-Fabric, ein Netz aus miteinander kommunizierenden, spezialisierten Lösungen für die unterschiedlichen Bereiche im Unternehmen. Vom Arbeitsplatzrechner, über LAN und WLAN, Mail, Web-Applikationen u.v.m., bis zum weltweiten FortiGuard Service, bei dem hunderte Spezialisten Millionen von Sensordaten auswerten und Schadsoftware entdecken und […]
New Forensic Investigation Procedures for First Responder Guides
By Todd Reid Cisco is pleased to announce a new series of Forensic Investigation Procedures for First Responders guides that will help customers and partners triage Cisco products that are suspected of being tampered with or compromised. These guides provide step-by-step instructions for collecting information that first responders can use for forensic analysis for several […]