Cisco Blogs



New Fake UPS Malware Email Campaign

We have detected evidence of a malware distribution campaign using messages masquerading as UPS delivery notification emails. These campaigns attempt to deceive the targets into thinking they are receiving mail from a trusted sender in order to dupe the recipient into installing malware, possibly for financial gain. Once the initial attack vector is installed, further malware may be distributed.

This appears to be part of the same campaign seen by MalwareMustDie (http://pastebin.com/n244xN32) and uses the email subject “UPS Delivery Notification Tracking Number”. We have seen a limited number of customers receiving this spam starting yesterday (Tue Nov 5), suggesting that this is a fairly low volume campaign (at the moment). The message contains an attachment with a filename such as “invoiceU6GCMXGLL2O0N7QYDZ” and the extension .txt or .doc, which is a disguised RTF file.

Section of the mail attachment containing rtf objocx tag

According to our analysis, the malware attempts to download additional files by exploiting CVE-2012-0158, a vulnerability affecting old versions of Microsoft Office that is detected by Cisco IPS signature 1131 and for which a Metasploit module is available. In this case the malware being distributed seems to be a form of ransomware. Ransomware typically encrypts files on an infected machine and requires the user to pay for the release of their data. This particular piece of ransomware appears to be distinct from the samples we have been seeing as part of the Cryptolocker campaign, but comes in the wake of increased interest and discussion of this kind of attack.
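A mail-gateway style check for the disguise described above, as an added example that is not part of the original post: it flags an attachment whose bytes are RTF while its extension says otherwise, and reports embedded-object control words such as `\objocx`. The function name, the verdict fields and the sample bytes are assumptions made for illustration, and the check is generalized to any non-.rtf extension rather than only .txt and .doc.

```python
import re

# RTF files normally begin with "{\rtf1". Matching only the 4-byte prefix
# also catches near-miss headers that a lenient parser may still open.
RTF_MAGIC = b"{\\rt"

# RTF control words that introduce embedded OLE/ActiveX objects.
# \objocx is the tag shown in the attachment excerpt on this page.
OBJECT_WORDS = re.compile(rb"\\(objocx|objemb|objdata|object)(?![a-z])")


def inspect_attachment(filename: str, data: bytes) -> dict:
    """Return a verdict dict for one attachment (hypothetical helper)."""
    ext = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    # Ignore a UTF-8 BOM or leading whitespace before the header.
    head = data.lstrip(b"\xef\xbb\xbf \t\r\n")[:8]
    is_rtf = head.startswith(RTF_MAGIC)
    words = []
    if is_rtf:
        words = sorted({m.group(1).decode() for m in OBJECT_WORDS.finditer(data)})
    disguised = is_rtf and ext != "rtf"
    return {
        "is_rtf": is_rtf,
        "disguised": disguised,          # content type contradicts extension
        "object_words": words,           # embedded-object markers found
        "quarantine": disguised and "objocx" in words,
    }


# Constructed, harmless sample: an RTF skeleton with an \objocx object group.
SAMPLE = b"{\\rtf1\\ansi{\\object\\objocx{\\*\\objdata 0105}}}"

if __name__ == "__main__":
    print(inspect_attachment("invoiceU6GCMXGLL2O0N7QYDZ.doc", SAMPLE))
    print(inspect_attachment("tracking.txt", b"Your parcel has shipped."))
```
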

Attached malware making a request to the control server at 199.16.199.2

As ever, users should remain vigilant when opening email links and attachments, and be wary of any message purporting to be an automated order confirmation from a company such as FedEx or UPS, as this is a common tactic which has also been identified as a possible method for distributing Cryptolocker.

Additional analysis of this attack can be found here: http://bartblaze.blogspot.com/2013/11/latest-ups-spam-runs-include-exploits.html

Malicious RTF: 7c2fd4abfe8640f8db0d18dbecaf8bb4

Downloaded exe: e5e1ee559dcad00b6f3da78c68249120

 

Thanks to Cisco researchers Craig Williams and Martin Lee for assistance with this post.

 


Removing Language Barriers from Math Education Improves Student Achievement

What if your biggest challenge in learning math was that you could not understand the words that the teacher used to convey math concepts? That the language in the math book was not your first language? Or that your learning disability involved difficulties with words and reading?

Dr. Matthew Peterson, co-founder and COO of MIND Research Institute, knows what that’s like. He is dyslexic. But after completing an undergraduate triple major and a Ph.D. in visual neuroscience, he decided to try to figure out a way to teach math that minimizes the use of words, but maximizes student understanding and achievement.

 

Dr. Peterson’s stunning innovation is called ST Math, a web-based, self-paced software program that uses language-free animation to help students grasp key math concepts. This resource is offered to students in addition to regular classroom instruction, twice a week.

It turns out that all students, regardless of language or culture of origin, gender, and in some cases even learning disability, do far better at math when they have additional help from solving the ST Math exercises.

As we outlined in an earlier blog post, Cisco’s initial expansion support for ST Math in Silicon Valley and in Arizona has shown strong student performance gains of double to triple growth in math proficiency. Our newly supported 22-school Virginia ST Math pilot sought to replicate these successful outcomes.


Medianet in Action

November 6, 2013 at 1:07 pm PST

I recently wrote a blog discussing the Value of Medianet in which I listed the benefits and associated costs of adoption. Remember that in simple terms Medianet enables a granular QoS policy and also provides a systematic approach for video troubleshooting. In this article I’m going to provide an example of Medianet in action as it has been my experience that most people, at least initially, struggle to visualize the impact Medianet has on the day to day operations of a Cisco collaboration solution running over a Cisco networking infrastructure.

In my previous blog I said that “Medianet reduces operational support costs.” I’m now going to attempt to show you how.

The first thing we can enable is edge monitoring, which allows the IT team to centrally check on the health of any given endpoint and also ascertain its call status. Take a look at this video below:

As useful as it is, endpoint monitoring is only of limited benefit when problems start to occur. Electronic confirmation of what impacted end users are seeing is not what is actually required. We need a way to proactively troubleshoot issues as soon as they appear. The combination of Medianet-enabled applications communicating with a Medianet-enabled network, overseen by an intelligent management application, is the means by which Cisco provides this.


Big Business from Big Data

“Dad, how many mobile phones were sold last year in the whole world?”

“Is this a trick question? Well, there are about 7 billion human beings on earth. Assuming every…”

“No, no—give me a number.”

“Well, I am not 100 percent sure. How many do you think were sold?”

“1.75 billion.”

“How do you know?”

“Dad—it’s on the Internet!”

My 10-year-old daughter left the room, triumphantly. I looked after her—admittedly feeling a little bit jealous. I wanted to be 10 years old again, too. I’d like to grow up with access to any information, available at any time, at the touch of a button. And this is only the beginning. Soon, tailored information will be provided to us proactively, before we even know what to ask for.

It’s easy to forget how incredibly rapid technological development has been. The true uptake of the Internet happened only about 15 years ago. Think about what would happen if your family had to spend an entire week without being connected to the Internet and the constant global interactions to which we have grown accustomed. The next “big thing” is always around the corner, waiting to disrupt everything we take for granted today.

So what will be the next big thing in technology? This is a topic of endless debate on the Internet, at dinners with friends, and in the trade press, with the discussion often descending deep into the weeds of architectures, capabilities, protocols, and standards. However, for a business executive, the only thing that really matters is the business impact. The only relevant business question is ultimately, “How can I improve my business performance enabled by technology?”


Customer Collaboration and the Internet of Everything

Those who read this blog regularly know that Customer Collaboration combines traditional contact center technology and processes with important innovations in social media, Web 2.0 agent workspaces, network-based recording and analytics, and video to empower businesses to forge deeper, proactive, more consistent relationships with their customers.  Three years ago, Cisco identified Customer Collaboration as a major market disruption, and our customers have benefitted from our leadership through this disruptive time.

More recently, Cisco identified another market disruption--the Internet of Everything (IoE)--which Cisco defines as the networked connection of people, processes, data, and things.  The true benefit of the IoE is derived from the compound impact of connecting all these elements--with a majority of the value derived by extending the connections of the IoE to people.

So what’s the relationship between Customer Collaboration and the IoE?  Simply put, Customer Collaboration connects the Internet of Everything to consumers.  Many of the touchpoints to the IoE run through businesses, and Customer Collaboration is what brings businesses and organizations closer to their customers--to us.  Let me provide some examples of how Customer Collaboration can connect consumers to the IoE:

Consider Amy,