Cisco Blogs


Cisco Blog > Security

Lizamoon – Much Ado About Very Little?

Recent media reports have focused on a mass SQL injection attack involving a malware domain named lizamoon.com. While the lizamoon.com domain is new, this particular series of SQL injection compromises is actually several months old. Cisco ScanSafe logs record the first instance on 20-sep-10 21:58:08 GMT. Since then, various malware domains have been used for a total of 42 domains signifying 42 separate occurrences of these compromises since September 2010. Lizamoon.com was the 41st of these.

Cisco ScanSafe data reveals that from Sept 2010 to Feb 2011, all the compromises were on smaller, low traffic sites. Any encounters likely resulted from Web searches for very niche topic areas. As a result, the number of encounters with these compromised websites remained very low. Most importantly, this attacker is employing severe throttling such that only 0.15% of encounters even result in live content delivery. The remaining 99.85% of encounters are non-resolvable at the time of encounter. The result is a negligible rate of actual encounter with live content.

Read More »

Tags: , ,

When Cyberspace Meets Main Street

Recently, during my daily “let’s see what’s happening today” routine, I read an article that struck me in an eerie — better yet, intriguing — manner. The gist of the story is that a crime ring syndicated from cyber space, consisting of Internet-savvy folks and run-of-the-mill thieves, managed to purchase (let’s just call it what it is, steal) thousands of dollars in products while conducting shopping sprees at Apple stores.

Read More »

Tags: , ,

A Firewall for Every Occasion

April 1, 2011 at 8:56 am PST

Few people in the world would disagree that a network firewall is an essential component for any size datacenter. In fact, operating without one could be considered by many to be network asset suicide! But adding a firewall to an existing datacenter is by no means a trivial task. In fact, the amount of work that would be required to re-cable every physical interface to properly tie it in with the rest of the network is enough to make many network administrators think twice about just how badly they really need that shiny new firewall, versus just sticking with what they have. Add to that the additional rack space, power, cooling, and management required by the new device, and some serious ROI questions may be raised.

Read More »

Tags: , , ,

Throwaway Culture Can Help Your Security

Today many organizations find themselves addressing concerns over their proprietary information being stolen and their systems being compromised. Some may view this as a single problem since, in most cases, system compromise is an overture to information theft. The most common ways in which computers are compromised include visiting a web site with malicious content, opening a harmful file — malicious or otherwise — attached to an e-mail message, running a program of dubious provenance and clicking the “yes” button on every message that pops up on the screen. Organizations are fighting back by installing virus scanners, blocking known malicious web sites, filtering incoming e-mail and locking down (aka “hardening”) operating systems as much as possible. But let us take a step back and think about this whole situation again.

Read More »

Tags: , ,

Cryptographic Algorithm Transitions (2010-2011)

Cryptography has been, and continues to be, the most important and ubiquitous aspect of security services (firewall, secure access, VPN, authentication). There is a vast number of cryptographic algorithms and techniques that provide information security features that are used in different protocols and functions. It is important to be able to understand the challenges, attacks, and concerns of cryptographic algorithms in order to be able to use them efficiently. Just as important is the ability to follow the latest developments in the field so that we can be “as secure as possible.” This post is trying to present the latest transformations in the cryptography field to raise awareness on what the status quo is on recommended algorithms and key sizes.

Read More »

Tags: ,