Talos ThreatSource is a regular intelligence update from Cisco Talos, highlighting the biggest threats each week and other security news.
Android Releases Monthly Security Bulletin for June 2017
Synopsis: People responsible for defending networks realize that the security threat landscape is constantly in flux as attackers continuously evolve their techniques. Talos advances the overall efficacy of all Cisco security platforms by aggregating data, cooperating with teams of security experts, and applying cutting-edge big data technology to security. In this talk, we will perform deep analysis of recent threats Talos has observed over the past quarter and see how Talos leverages large datasets to deliver product improvements and mitigation strategies.
Synopsis: Cisco's Talos Group specializes in early-warning intelligence and threat analysis necessary for maintaining a secure network. People responsible for defending networks realize that the security threat landscape is constantly in flux as attackers continuously evolve their techniques. Talos advances the overall efficacy of all Cisco security platforms by aggregating data, cooperating with teams of security experts, and applying cutting-edge big data technology to security. In this talk, we will perform deep analysis of recent threats Talos has observed over the past quarter and see how Talos leverages large datasets to deliver product improvements and mitigation strategies.
Synopsis: This presentation will show how APT actors are evolving and how the reconnaissance phase is changing to protect their valuable 0-day exploit or malware frameworks. This talk will mainly focus on the usage of Office documents and watering hole attacks designed to establish if the target is the intended one (we will mention campaigns against political or military organizations). The techniques and the obfuscation put in place by these actors will be described in detail (techniques based on Macro, JavaScript, PowerShell, Flash or Python). At the end of the presentation, we will show different mitigations to help attendees protect their users.
Description: Android has released its monthly security bulletin for June 2017 disclosing various vulnerabilities that have been identified as part of the mobile OS. This month's release addresses 48 newly identified vulnerabilities. The most critical flaw disclosed this month is in "Media Framework that could enable a remote attacker using a specially crafted file to cause memory corruption during media file and data processing." These updates have been released for Google Nexus and Pixel devices.
The Journey to Hijacking a Country’s TLD – The Hidden Risks of Domain Extensions
https://thehackerblog.com/the-journey-to-hijacking-a-countrys-tld-the-hidden-risks-of-domain-extensions/index.html
Announcing Google Capture the Flag 2017
https://security.googleblog.com/2017/06/announcing-google-capture-flag-2017.html
An Elegant Way To Ruin Your Company's Day - Introduction to Public AWS EBS Snapshots
https://www.nvteh.com/news/problems-with-public-ebs-snapshots
MS17-010: EternalBlue’s Large Non-Paged Pool Overflow in SRV Driver
http://blog.trendmicro.com/trendlabs-security-intelligence/ms17-010-eternalblue/
OneLogin: Breach Exposed Ability to Decrypt Data
https://krebsonsecurity.com/2017/06/onelogin-breach-exposed-ability-to-decrypt-data/