Cisco Blogs

Cisco Blog > Security

Think Before Plugging In

Many popular software products have frameworks that allow users to extend and customize the application using plugins or add-ons. Examples include Firefox, WordPress and Google Chrome. In fact, even nerd software like irssi allows users to use plugins. Plugins help with productivity and make the software fun to use. However, plugins can also introduce risk to users. Sometimes, these issues are very overt. For example, malware was recently discovered in a Firefox add-on (I was impressed with how this was addressed though). Other times, the issues may be more subtle: perhaps the plugin could introduce a new vulnerability that, with a little research, could be exploited.

Read More »

Malicious Advertising Threatens the Popular Ad-supported Business Model

Web 2.0 and social media are driven by user-generated content. In return for producing content, users want to receive information or experiences that encourage them to revisit a given site. In this cycle, sites can monetize the user experience by utilizing advertising to generate profits from users’ visits and eventual patronage from advertisers. By and large, users resist paying for contexts such as social networks where they post their own content, like pictures, status updates, or videos.

For this model to perpetuate, each participant must uphold their contribution: sites must generate an attractive experience, advertisers must present relevant content to user interests, and users must provide content or consume advertisements. If advertising is overrun by malicious code, users may be driven to abandon a site that is deemed dangerous, or take steps to block advertising. Many users adopting the same approach could hurt the existing business model, resulting in a financial risk to sites that are based on advertising revenue.

Read More »

Impressions from the RSA 2010 (USA) Conference

Another RSA Conference has come and gone.  I had the privilege of getting a full “delegate” pass this year, which meant that I had access to attend the sessions, so I’ll try to describe the sessions I attended below.  Due to several conflicting meetings and other commitments, I didn’t make it to quite as many sessions as I anticipated, and barely made it to the exhibit floor.

My overall observation is that the RSA conference, as a whole, continues to be very healthy.  There was a wide range of technical sessions, and the exhibit floor (what I saw of it) was sizable and very active.  One thing that I noticed is that more of the sessions seemed to be panel discussions this year than in the past.  I tend to get more out of the individual or 2-person team talks because I find them to be more focused, in comparison with the panels that are often unscripted and more driven by the questions of whoever is in the audience.

Read More »

Medicine, Taxation, and Identity in Cyberspace

There are innumerable benefits to digitized record-keeping. I can’t say enough about the benefits of correlation and collation of information that could be gained from taking information off of paper and moving it into computers. For health information, the potential benefits are incredible and could markedly advance individual well-being. The portability and accessibility of electronic records alone, not to mention the visualization and mining of trends, association between care and outcomes, and the effectiveness of diagnosis, treatment, and costs, all stand to benefit patients and their health.

But as health records move to digitization, some individuals are taking an opportunity to commit fraud, due to weaknesses in the system. There are risks that exist with paper records that could be mitigated by digitized records, but once healthcare organizations digitize, new risks can arise.

Read More »

Cisco Security Intelligence Operations and Microsoft Tuesday

Earlier today Microsoft published their Security Bulletins for March 2010. The availability of patches mark the beginning of a flurry of activity for IT organizations everywhere. In the video below, I summarize this month’s bulletins:

In addition to those bulletins, Microsoft also published Microsoft Security Advisory 981374. This advisory addresses a vulnerability in Internet Explorer which could be exploited to execute artibrary code.

Each month Cisco Security Intelligence Operations (SIO) produces intelligence around Microsoft’s Security Bulletin Release and I thought that I would provide an overview of what is available. Although I am highlighting this information in the context of Microsoft Tuesday, note that Cisco SIO produces similar collateral for other security relevant events from a variety of vendors as well as the open source community.

Read More »