As senior security researcher in Cisco SIO, Mary Landesman is responsible for ongoing management and analysis of data as well as reporting on the latest Web-based threats and security trends. Mary provides real-time expert analysis and insight on Web threats and scams, tips on how to protect corporate assets from infection and observations on the threat landscape.
Mary has over a dozen years of experience working in the antivirus and security industry, joining just prior to the first macro viruses. During that time, she has served as Technical Support Supervisor for Command Software Systems (now Authentium), Product Manager for behavior-based InDefense, Inc., and as Response Coordinator for FrontBridge Technologies during the height of the email worm outbreaks. She has also consulted to various other security firms throughout the years, including Shavlik Technologies and Trend Micro. In her spare time, Mary writes about information security and anti-malware topics. Her work has been published in a variety of publications, including Virus Bulletin, Elsevier, PC World, and ZDNet. She also manages the consumer-focused antivirus.about.com website. Prior to joining ScanSafe, Mary was senior content manager for the Microsoft Anti-Malware Research and Response Team.
The Cisco 4Q11 Global Threat Report has been released. The report covers the period from 1 October 2011 through 31 December 2011 and features data from across Cisco Security Intelligence Operations. This quarter’s contributors were Cisco Intrusion Prevention System (IPS), Cisco IronPort, Cisco Security Research and Operations (SR&O), and Cisco ScanSafe.
Reports of the recently discovered Duqu trojan have spawned much speculation and even resulted in the trojan being dubbed “the son of Stuxnet” or “Stuxnet 2.0.”
Data breaches dominated security news during the first half of 2011 and companies across all industry sectors were equally impacted. Many of these breaches resulted from advanced persistent threats; others resulted from SQL injection and other brute force intrusions. In all cases, customer data and corporate intellectual property were at risk.
In the Cisco 2Q11 Global Threat Report, Cisco CSIRT Manager Gavin Reid discusses the unique challenges of APTs and network intrusions. Gavin offers real-world practical advice from a frontline perspective, with valuable pointers for tweaking and using the tools you probably already have in place.
The Cisco 1Q11 Global Threat Report has been released. The report covers the period from 1 January 2011 through 31 March 2011 and features data from Cisco Security Intelligence Operations. This quarter’s contributors include Cisco Intrusion Prevention System (IPS), IronPort, Remote Management Services (RMS), Security Research and Operations (SR&O), and ScanSafe.
Recent media reports have focused on a mass SQL injection attack involving a malware domain named lizamoon.com. While the lizamoon.com domain is new, this particular series of SQL injection compromises is actually several months old. Cisco ScanSafe logs record the first instance on 20-sep-10 21:58:08 GMT. Since then, a total of 42 malware domains have been used, signifying 42 separate occurrences of these compromises since September 2010. Lizamoon.com was the 41st of these.