Evolution of the Nuclear Exploit Kit
This post is co-authored by Alex Chiu, Martin Lee, Emmanuel Tacheau, and Angel Villegas. Exploit kits remain an efficient mechanism for cyber criminals to distribute malware. Such kits include exploits for multiple vulnerabilities within a single malicious webpage. Criminals can
Shellshock Exploits in the Wild
This post was authored by Joel Esler & Martin Lee. The recently discovered Bash vulnerability (CVE-2014-6271) potentially allows attackers to execute code on vulnerable systems. We have already blogged about the issue and provided more technical detail in a further blog. The
Another Major Vulnerability Bashes Systems
Vulnerabilities that permit remote network attacks against ubiquitous software components are the nightmares of security professionals. On 24 September the presence of a new vulnerability, CVE-2014-6271 in Bash shell allowing remote code execution was disclosed. The Bash shell
Help! My IP Address Has Been Hijacked!
This post is authored by Jaeson Schultz. SpamCop is a free, community-based spam email reporting service provided by Cisco. SpamCop analyzes reported spam, and extracts details about the sending IP, the URLs contained in the spam, and the networks over which the spam message has
Danger at the Retail Point of Sale
This blog post was authored by Martin Lee and Jaeson Schultz. With the announcement that yet another major retailer has allegedly been breached, it is important to review how attackers compromise retail systems and how such intrusions can be prevented. In this latest case, retai
Snowshoe Spam Attack Comes and Goes in a Flurry
This post is authored by Alex Chiu, Jaeson Schultz and Craig Williams. Every so often, we observe certain spam campaigns that catch our interest. On August 15, we observed a particular spam campaign that caught our attention because it was using "snowshoe" spam techniq