Cisco Talos Honeypot Analysis Reveals Rise in Attacks on Elasticsearch Clusters
Christopher Evans of Cisco Talos conducted the research for this post. EXECUTIVE SUMMARY Cisco Talos warns users that they need to keep a close eye on unsecured Elasticsearch clusters. We have recently observed a spike in attacks from multiple threat actors targeting these clu
Cisco AMP tracks new campaign that delivers Ursnif
Talos continues to see Ursnif in the wild. In this most recent example, we blocked it before it could do any damage to the target.
Vulnerability Spotlight: Natus NeuroWorks Multiple Vulnerabilities
Vulnerabilities discovered by Cory Duplantis from Cisco Talos. Overview In April 2018, Talos published five vulnerabilities in Natus NeuroWorks software. We have also identified three additional vulnerabilities. This software is used in the Natus Xltek EEG medical products fr
Vulnerability Spotlight: Natus NeuroWorks Multiple Vulnerabilities
Vulnerabilities discovered by Cory Duplantis from Talos. Overview Talos has discovered multiple vulnerabilities in Natus NeuroWorks software. This software is used in the Natus Xltek EEG medical products from Natus Medical Inc. The vulnerable devices contain an Ethernet conne
New Ransomware Variant "Nyetya" Compromises Systems Worldwide
Note: This blog post discusses active research by Talos into a new threat. This information should be considered preliminary and will be updated as research continues. Update 2017-07-06 12:30 EDT: Updated to explain the modified DoublePulsar backdoor. Since the SamSam attacks
Talos Targets Disinformation with Fake News Challenge Victory
While actual truth-labeling is a hefty task, rife with political and technical issues, stance detection is a potential first step toward a more robust solution.
Player 3 Has Entered the Game: Say Hello to 'WannaCry'
By Martin Lee, Warren Mercer, Paul Rascagneres, and Craig Williams. Executive Summary A major ransomware attack has affected many organizations across the world, reportedly including Telefonica in Spain, the National Health Service in the UK, and FedEx in the US. The malware re
Threat Spotlight: “Kyle and Stan” Malvertising Network 9x Larger Than Expected
This post was authored by Armin Pelkmann. On September 8th, Cisco's Talos Security Intelligence & Research Group unveiled the existence of the "Kyle and Stan" Malvertisement Network. The network was responsible for placing malicious advertisements on big websit