Cisco Blogs

Cisco Blog > Threat Research

Vulnerability Spotlight: Libgraphite Font Processing Vulnerabilities

Vulnerabilities Discovered by Yves Younan of Cisco Talos.

Talos is releasing an advisory for four vulnerabilities that have been found within the Libgraphite library, which is used for font processing in Linux, Firefox, OpenOffice, and other major applications. The most severe vulnerability results from an out-of-bounds read which the attacker can use to achieve arbitrary code execution. A second vulnerability is an exploitable heap overflow. Finally, the last two vulnerabilities result in denial of service situations. To exploit these vulnerabilities, an attacker simply needs the user to run a Graphite-enabled application that renders a page using a specially crafted font that triggers one of these vulnerabilities. Since Mozilla Firefox 11 and later versions directly support Graphite, the attacker could easily compromise a server and then serve the specially crafted font when the user renders a page from the server (since Graphite supports both local and server-based fonts).

In this post, we will discuss the following vulnerabilities:

  • CVE-2016-1521
  • CVE-2016-1522
  • CVE-2016-1523
  • CVE-2016-1526

Read More>>

Tags: ,

Cisco Hosting Amsterdam 2016 FIRST Technical Colloquium

Amsterdam 2016 FIRST Technical ColloquiumWe’d like to announce a “Save the Date” and “Call for Speakers” for the FIRST Amsterdam Technical Colloquium (TC) 2016. The event, hosted by Cisco Systems in Amsterdam, Netherlands will be a plenary style conference held on the 19th and 20th of April 2016.

Event registration is open now. This will be free event with no registration charges (although registration is required). This event will be open to all (not just FIRST members). Please register here.

A list of recommended hotels and travel information is available on our website.

Call for Speakers

FIRST is looking for speakers that would like to present at this Technical Colloquium. This is a GREAT opportunity to give something back to FIRST and the industry, while practicing your speaking skills and sharing your hard work.

Read More »


Find Advanced Threats with Cisco Cognitive Threat Analytics

Attackers are constantly innovating, employing more sophisticated techniques to compromise organizations and gain access to other parts of the network and sensitive data including proprietary information, trade secrets, and of course financial information. Threats have evolved to the point that it’s no longer feasible to simply defend the perimeter.

In the 2016 Cisco Annual Security Report, Cisco researchers analyzed threat intelligence and examine some of the most compelling trends in attack vectors, attack methods and vulnerabilities. The report called out that malicious browser add-ons, typically viewed as a low-severity threat, were seen affecting more than 85 percent of organizations monitored. Malicious browser extensions can steal information, and they can be a major source of data leakage.

Identifying and blocking adware, malware, and exfiltration of data requires a multi-tiered security approach. By investing in new detection methodologies that are constantly monitoring and analyzing web communications security teams are able to identify new actors and new techniques, reducing time to detection in their environments.

Cisco Cognitive Threat Analytics (CTA) is a cloud-based service that discovers breaches, malware operating inside protected networks, and other security threats by means of statistical analysis of network traffic data. It addresses gaps in perimeter-based defenses by identifying the symptoms of a malware infection or data breach using behavioral analysis and anomaly detection. CTA relies
on advanced statistical modeling and machine learning to independently identify new threats, learn from what it sees, and adapt over time.

Read More »

Tags: ,

Cisco AMP for Endpoints Adds New Features

The threat landscape is ever-changing. Attackers continue to innovate and refine their tactics, and malware is more sophisticated than ever. New threats are surfacing every day, like the Angler exploit kit and the SSHPsychos DDoS attack. According to the 2016 Cisco Annual Security Report, ransomware is exploding, Adobe Flash vulnerabilities continue to be popular with cybercriminals, and malicious browser extensions continue to be a main source of data leakage for businesses.malware-security-challenge

But of all the threats out there today, malware still reigns supreme. In the 2016 Cisco Annual Security Report, IT decision-makers were asked to identify the top external challenges that they faced from an IT security perspective, and malware topped the list at 68%. And the target for that malware: your endpoints. Servers, laptops, desktop workstations, PCs, Macs, Linux systems, and mobile devices are all targets. In fact, 50% of respondents in the 2016 Cisco Annual Security Report study said that mobility represents one of the highest risks within their security infrastructure for a security breach. Cybercriminals want data, control of your system, or both. You need to protect your endpoints.

This is why Cisco AMP for Endpoints continues to evolve. Cisco AMP for Endpoints is now better than ever, with new features and capabilities that boost performance, improve usability, and enable IT security teams to better defend against today’s most advanced attacks.

Read More »

Tags: , ,

Are you protecting your organization with comprehensive security and trust?

With cyber threats escalating, security has emerged as a critical business driver and competitive differentiator. Organizations that successfully embed security throughout their network infrastructure, policies, processes, and culture are able to reduce risk while creating sustainable business advantage.

At CiscoLive Berlin this year, we will examine how Cisco is building foundational security into the underlying architecture of our solutions as well as throughout our business operations to enhance the security of our products, our customers, and our company.

Read More »

Tags: , , , ,