Cisco Blogs

Cisco Blog > Security

Unsociable: Social Media Brings a New Wave of Threats

Last year brought a surprising, and seemingly positive, change in the number of security threats: it was the first year we saw spam volumes drop. That decrease was a significant change from the previous decade, in which spam volumes roughly doubled every year, compounding to yield a dirty Internet where about 90 percent of the email flowing over the backbone is spam. So does the drop in spam volume mean spam is suddenly less of a problem? Have spammers given up and gone home, or maybe developed a conscience and let up a little?

Unfortunately, no. Spam has just changed. It’s become more sophisticated. We are seeing a massive shift away from the spray-and-pray tactics of the past to much more targeted and complex attacks. One consistent trait of attackers: they always follow the money. Therefore, as social media sites such as Facebook have experienced explosive growth (and explosive valuations), it’s no surprise that threat writers are exploring ways to tap into these networks to deliver the next generation of attacks.

Read More »

Tags: ,

The Gap Between Policy and Implementation

Mark Twain once wrote, “Everybody complains about the weather, but nobody ever does anything about it.” Security policy is a lot like that. Creating a security policy is at the top of the list for anyone looking to really secure their network. But the devil is in the details.

Among the things a security policy needs to cover are:

  • All users
  • All physical and virtual devices
  • All access methods
  • All resource classifications and locations
  • All compliance requirements
  • All of the OSI layers, from the physical layer up the stack to the application layer
  • AND the policy needs to be applied uniformly across the entire distributed enterprise

Read More »

Tags: , , , , ,

Identity Intermediaries and the NSTIC

This is part of an ongoing series on the National Strategy for Trusted Identities in Cyberspace.  The introduction to this series can be found here.

A couple of months ago, I spoke with a security researcher at a conference about the NSTIC.  He questioned the need for an intermediary to manage users’ identity information; he asked why we don’t just do this at the user’s endpoint, eliminating the need for the user to trust an external party.  This is a good place to begin a discussion about the NSTIC architecture.

Read More »

Tags: , ,

It Crawled Out of the Sandbox

Security and functionality have lived on opposite ends of the spectrum since the dawn of time. The door with no lock has always been easier to use than something with multiple chains and dead bolts. Of course, the unlocked door has always been easier to open for those who may want to do bad things.

Read More »

Tags: ,

Introducing the Cisco IOS Software Checker

A new tool called the Cisco IOS Software Checker is now available on the Cisco Security Intelligence Operations (SIO) portal.  This tool introduces a feature that has been long-requested from our customers and will make Cisco product security information much easier to consume and digest.

Security Advisories that are published by the Cisco Product Security Incident Response Team (PSIRT) provide detailed information about security vulnerabilities in Cisco products, including mitigations, affected products and vulnerable and fixed versions of software. Security Advisories affecting Cisco IOS include a table that provides a list of affected Cisco IOS release trains and fixed versions for those trains. Our customers have long asked us for ways to simplify identification of affected software in this table, and so we have developed the Cisco IOS Software Checker for this very purpose. This tool leverages our internal databases to easily provide affected software information without requiring you to manually process the fixed software table.

Read More »

Tags: ,